The Agent Skills Directory

[PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it is designed to ingest and process data from external PDF documents.
Ingestion points: The skill reads external PDF files via tools like get_pdf_metadata and for form field extraction (e.g., completed_form.pdf).
Boundary markers: The skill documentation does not define specific delimiters or "ignore embedded instructions" warnings for the content extracted from PDF files.
Capability inventory: The skill utilizes office-mcp tools fill_pdf_form and get_pdf_metadata, which involve reading and writing data based on the processed content.
Sanitization: No sanitization or validation logic is specified for the text content parsed from external PDFs before it is presented to the agent.
[SAFE]: No hardcoded credentials, unauthorized network connections, or remote code execution patterns were found. Recommended programming libraries like pdf-lib and PyPDF2 are well-known, trusted resources and are mentioned only for reference.

PDF Form Filler