creative-toolkit
Warn
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, CREDENTIALS_UNSAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses `npx -y meigen@latest` to fetch and run its server code from the NPM registry during initialization. While this targets the author's own package, it remains a runtime external dependency.
- [DATA_EXFILTRATION]: The `upload_reference_image` tool takes a `filePath` as input and uploads the file content to an external CDN. This capability allows the agent to read and transmit local files, creating a potential vector for exfiltrating sensitive system data or credentials if the agent is manipulated into selecting sensitive paths.
- [CREDENTIALS_UNSAFE]: Setup instructions guide users to store API tokens, such as `MEIGEN_API_TOKEN` and `openaiApiKey`, in environment variables or plaintext configuration files such as `~/.config/meigen/config.json`.
- [COMMAND_EXECUTION]: The skill requires running shell commands like `npx` and `mcporter` for its primary operation and configuration management.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection. Evidence chain:
  1. Ingestion points: the `search_gallery` (external API) and `enhance_prompt` (user/external input) tools.
  2. Boundary markers: no delimiters or ignore-instructions warnings are specified in the provided documentation.
  3. Capability inventory: network access and file read operations are available via the generation and reference tools.
  4. Sanitization: no sanitization or escaping of external or user-provided content is documented or enforced.
Audit Metadata