The Agent Skills Directory

[Indirect Prompt Injection] (LOW): The skill processes untrusted Markdown and HTML data to generate PDF files without sanitization. This presents an attack surface where a malicious document could attempt to execute scripts or access internal resources during the rendering process.
Ingestion points: The markdownToPdf function reads content from a file path (mdPath), and generateReport processes a data object.
Boundary markers: None; the skill lacks specific delimiters or instructions to ignore embedded commands in the source documents.
Capability inventory: Uses fs.readFileSync for file access, fs.createWriteStream for file writing, and puppeteer.launch() to start a browser process.
Sanitization: The skill uses the marked library to parse Markdown into HTML and directly passes the result to page.setContent() without filtering potentially malicious HTML tags or scripts.
[Command Execution] (LOW): The implementation relies on puppeteer to launch a headless browser. While necessary for the primary purpose of high-fidelity PDF rendering, this increases the attack surface if the environment is not properly sandboxed, as the browser can be directed to load local files or internal network metadata endpoints.

PDF Generator