barcode-generator

Warn

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: MEDIUM
NO_CODE, PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (MEDIUM): The skill ingests external data that influences file writing operations, creating a vulnerability surface.
      • Ingestion points: products.csv via batch_generate and CLI arguments.
      • Boundary markers: Absent in documentation; no distinction between data and instructions.
      • Capability inventory: File system write access for barcode image and document generation (PNG, SVG, PDF).
      • Sanitization: Absent; filename control is delegated to untrusted CSV content, presenting a path traversal risk.
  • No Code (LOW): The implementation logic in scripts/barcode_gen.py is not provided, making the skill non-operational and its actual file-handling logic unverifiable.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 15, 2026, 11:21 PM