The Agent Skills Directory

Indirect Prompt Injection (LOW): The skill processes untrusted external data such as scraped HTML and client-provided documents which could contain malicious instructions.
Ingestion points: Specifically identifies datos_extraier.md (scraped HTML/Markdown) and client folders as input sources in SKILL.md.
Boundary markers: No explicit delimiters or instructions to ignore embedded commands are provided when processing these files.
Capability inventory: The skill executes local directory listings and runs Python scripts for data processing.
Sanitization: The provided extract_colors.py script performs image processing but does not contain sanitization for text-based inputs mentioned in other steps.
Command Execution (SAFE): The skill instructs the agent to run local Python scripts (extract_colors.py, extract_client_data.py) to automate data extraction. This is consistent with the skill's primary purpose and uses standard arguments.
Unverifiable Dependencies (SAFE): The color extraction script depends on the Pillow library, which is a standard and trusted package for image processing.

digitaliza-data-extractor