The Agent Skills Directory

CREDENTIALS_UNSAFE (MEDIUM): The skill instructions and code (load_api_key) require accessing a sensitive file path Notes/.env to retrieve the mistral_api_key. While standard for local tool authentication, accessing environment files is a high-severity pattern, downgraded here to medium as it is central to the skill's primary purpose.
DATA_EXFILTRATION (LOW): The script sends the entire PDF content as base64-encoded data to the Mistral OCR API (api.mistral.ai). This is the intended function of the skill but involves transmitting potentially sensitive user data to an external, non-whitelisted domain.
COMMAND_EXECUTION (LOW): Documentation and programmatic examples in SKILL.md and reference.md encourage the use of subprocess.run to execute the skill's Python scripts.
PROMPT_INJECTION (LOW): The skill has an indirect prompt injection surface because it processes untrusted PDF data and extracts text for agent consumption. Ingestion point: input_pdf in scripts/convert_pdf_to_markdown.py. Boundary markers: None; extracted markdown is concatenated directly. Capability inventory: The script can write to the local filesystem and performs network requests. Sanitization: None; the skill assumes OCR output is benign text.

mistral-pdf-to-markdown