The Agent Skills Directory

[COMMAND_EXECUTION]: The skill documentation includes multiple curl command examples designed for interacting with the EachLabs API at https://sense.eachlabs.run/chat. These are provided as usage templates for the user or agent.
[DATA_EXFILTRATION]: Instructions specify the use of an API key via an environment variable ($EACHLABS_API_KEY) in the request headers, which is a standard secure practice for credential management and prevents hardcoding of secrets.
[EXTERNAL_DOWNLOADS]: The skill facilitates communication with remote endpoints sense.eachlabs.run and references output storage at storage.eachlabs.ai. Both are official domains belonging to the vendor, eachlabs, and are considered trusted in the context of this skill.
[PROMPT_INJECTION]: The skill identifies an attack surface for indirect prompt injection as it accepts and processes external image_urls and user-provided message strings. Documentation does not specify explicit boundary markers or input sanitization for these fields, though this behavior is central to the skill's primary function of image colorization via a chat-based interface. Evidence: Ingestion points: image_urls and message in SKILL.md; Boundary markers: absent; Capability inventory: curl network operations in SKILL.md; Sanitization: absent.

photo-colorization