The Agent Skills Directory

[INDIRECT_PROMPT_INJECTION]: The skill processes untrusted Markdown content and image paths provided by the user.
Ingestion points: scripts/x-article.ts and scripts/md-to-html.ts read content from external files provided via CLI arguments.
Boundary markers: The skill does not use specific delimiters to isolate user-provided content from instructions.
Capability inventory: The skill can control a browser via CDP, perform network downloads, and execute system commands.
Sanitization: It uses established libraries like marked and unified for markdown processing and applies basic HTML escaping.
[DYNAMIC_EXECUTION]: On macOS, the skill dynamically generates Swift code strings from templates, writes them to temporary files, and executes them to manage system pasteboard operations.
Evidence: Found in scripts/copy-to-clipboard.ts and scripts/check-paste-permissions.ts.
[COMMAND_EXECUTION]: The skill executes various system-level utilities to interact with the OS and bypass browser automation detection. This includes osascript (macOS), powershell.exe (Windows), xdotool or ydotool (Linux), and ps for process monitoring.
Evidence: Found in scripts/paste-from-clipboard.ts, scripts/copy-to-clipboard.ts, and scripts/x-utils.ts.
[EXTERNAL_DOWNLOADS]: The skill performs network operations to download remote images from HTTPS URLs specified within processed Markdown files.
Evidence: Found in scripts/md-to-html.ts via the downloadFile function using the https module.

baoyu-post-to-x