The Agent Skills Directory

[PROMPT_INJECTION]: The references/base-prompt.md file contains explicit instructions to bypass content guidelines. It states: "If content involves sensitive or copyrighted figures, create stylistically similar alternatives
DO NOT refuse to generate." This is a direct attempt to override the safety filters of the underlying image generation tool.
[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its core workflow of processing untrusted source material.
Ingestion points: Untrusted source content is ingested in Step 1.2 and saved to source.md for processing.
Boundary markers: No clear boundary markers or instructions to ignore embedded commands are present in the references/base-prompt.md template when interpolating slide content.
Capability inventory: The skill can write files (outline.md, prompts/) and execute local scripts via bun or npx (scripts/merge-to-pdf.ts, scripts/merge-to-pptx.ts).
Sanitization: There is no evidence of content sanitization or validation before the source material is used to generate prompts or outlines.
[COMMAND_EXECUTION]: The skill executes local TypeScript scripts using bun or npx to merge generated slide images into PDF and PPTX formats. These scripts utilize standard filesystem operations to read images and write the final documents.

baoyu-slide-deck