image-analysis

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
Findings: CREDENTIALS_UNSAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill relies on storing sensitive API keys in plain text within 'scripts/config.json'. This is a common but insecure practice for managing credentials if the environment is not protected.
  • [DATA_EXFILTRATION]: The 'VisionManager._encode_image' method in 'scripts/vision_manager.py' reads local files and sends their Base64-encoded content to external AI services. The current implementation does not strictly validate that the provided file paths are images, which could allow an attacker to read and transmit sensitive system files if they can control the input path.
  • [PROMPT_INJECTION]: The skill processes untrusted user data which is interpolated into requests sent to external LLMs. Ingestion points: the 'prompt', 'image', 'video', and 'file' arguments in 'scripts/vision.py'. Boundary markers: none; the untrusted data is inserted directly into the API request payload. Capability inventory: the script has permissions to read local files and perform network operations via 'requests.post'. Sanitization: no input validation or escaping is applied to the prompt or the file content before transmission.
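The following is an added example, not code from the audited skill, showing the pattern behind the DATA_EXFILTRATION and CREDENTIALS_UNSAFE findings beside a hardened form. 'encode_image_unsafe' reproduces the behaviour the finding describes (any readable path is encoded and would be shipped to the remote API); 'encode_image_safe' resolves the path before a containment check against an allow-list of directories, rejects non-regular and oversized files, and sniffs the file's magic bytes instead of trusting its name. 'load_api_key' reads the key from the environment rather than a plain-text config file. The function names, the 'ALLOWED_ROOTS' list, the 'VISION_API_KEY' variable name and the fixture files built by 'run_demo' are all assumptions made for the example.

```python
# Added example (not the audited skill's own code): a hardened stand-in for a
# VisionManager._encode_image-style helper. Function names, the allowed-roots
# list, the env var name and the fixture contents below are all assumptions.
import base64
import os
import shutil
import tempfile
from pathlib import Path

# Hypothetical allow-list of directories image arguments may point into.
ALLOWED_ROOTS = (Path.cwd() / "images",)

PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"
# Magic bytes of the formats this hypothetical skill accepts; the filename
# extension is never trusted.
IMAGE_SIGNATURES = {
    PNG_SIGNATURE: "image/png",
    b"\xff\xd8\xff": "image/jpeg",
    b"GIF87a": "image/gif",
    b"GIF89a": "image/gif",
}


def sniff_mime(header: bytes):
    """Return the MIME type implied by the leading bytes, or None."""
    for sig, mime in IMAGE_SIGNATURES.items():
        if header.startswith(sig):
            return mime
    if header[:4] == b"RIFF" and header[8:12] == b"WEBP":
        return "image/webp"
    return None


def encode_image_unsafe(path):
    """The pattern the finding describes: whatever path the caller supplies is
    read and base64-encoded, so it would be sent to the remote API as-is."""
    with open(path, "rb") as fh:
        return base64.b64encode(fh.read()).decode("ascii")


def encode_image_safe(path, allowed_roots=ALLOWED_ROOTS, max_bytes=20 * 1024 * 1024):
    """Hardened variant: containment check on the resolved path, regular-file
    and size checks, then a content check before anything is encoded."""
    # resolve() follows symlinks and collapses '..' so the containment check
    # sees the real target, not the name the caller passed.
    real = Path(path).resolve(strict=True)
    if not any(real.is_relative_to(root.resolve()) for root in allowed_roots):
        raise PermissionError(f"refusing to read outside allowed roots: {path}")
    if not real.is_file():
        raise ValueError(f"not a regular file: {path}")
    if real.stat().st_size > max_bytes:
        raise ValueError(f"file exceeds {max_bytes} bytes: {path}")
    with open(real, "rb") as fh:
        data = fh.read()
    mime = sniff_mime(data[:16])
    if mime is None:
        raise ValueError(f"content is not a supported image format: {path}")
    return mime, base64.b64encode(data).decode("ascii")


def load_api_key(env_var="VISION_API_KEY", environ=os.environ):
    """Read the key from the process environment instead of a plain-text
    config file in the skill directory (variable name is an assumption)."""
    key = environ.get(env_var)
    if not key:
        raise RuntimeError(f"{env_var} is not set")
    return key


def run_demo():
    """Build a constructed fixture in a temp dir and exercise both helpers.
    Returns the outcomes as a dict so they can be checked programmatically."""
    tmp = Path(tempfile.mkdtemp())
    try:
        root = tmp / "images"
        root.mkdir()
        # Constructed fixture: PNG signature plus padding, header only.
        (root / "photo.png").write_bytes(PNG_SIGNATURE + b"\x00" * 32)
        secret = tmp / "secrets.txt"  # outside the allowed root
        secret.write_text("api_key=constructed-placeholder\n")
        (root / "notes.png").write_text("plain text with a .png name\n")
        probes = {
            "traversal": root / ".." / "secrets.txt",
            "wrong_content": root / "notes.png",
        }
        link = root / "link.png"
        try:
            link.symlink_to(secret)  # symlink inside root, target outside
            probes["symlink"] = link
        except OSError:
            pass  # e.g. no symlink privilege on this platform

        out = {}
        out["unsafe_reads_secret"] = base64.b64decode(
            encode_image_unsafe(secret)).startswith(b"api_key")
        out["safe_image_mime"] = encode_image_safe(root / "photo.png", (root,))[0]
        for name, target in probes.items():
            try:
                encode_image_safe(target, (root,))
                out[name] = "allowed"
            except (PermissionError, ValueError, FileNotFoundError) as exc:
                out[name] = type(exc).__name__
        out.setdefault("symlink", "skipped")
        return out
    finally:
        shutil.rmtree(tmp, ignore_errors=True)


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

The containment check runs on the resolved path, which is what makes the '..' and symlink probes fail: checking the string the caller passed would accept both. The magic-byte check is a content check, not a safety guarantee for the decoder that eventually parses the image, so a size cap and an allow-listed directory remain the primary controls.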
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 04:19 PM