lyxy-document-reader

Fail

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: HIGH | REMOTE_CODE_EXECUTION | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill's logic is entirely concealed using the Pyarmor obfuscation tool across 60 Python files. This technique prevents auditing the skill for malicious behaviors such as data exfiltration or credential harvesting, which violates security transparency standards for AI agent skills.
  • [REMOTE_CODE_EXECUTION]: As documented in SKILL.md, the skill automatically detects and installs dependencies at runtime using the uv tool. This allows for the execution of unverifiable third-party code pulled from external registries without explicit user oversight.
  • [COMMAND_EXECUTION]: The skill incorporates powerful browser automation tools, specifically Selenium and Pyppeteer. Controlled by obfuscated logic, these tools could be used to perform unauthorized web interactions, harvest session data, or engage in malicious network activity from the user's environment.
  • [EXTERNAL_DOWNLOADS]: The skill fetches content from arbitrary user-provided URLs. Because the downloading and request handling logic is obfuscated, it is impossible to verify that sensitive information is not being leaked in the process.
  • [PROMPT_INJECTION]: The skill provides an attack surface for indirect prompt injection through document parsing.
      1. Ingestion points: Various file formats (PDF, DOCX, XLSX, etc.) and URLs processed by the main entry script.
      2. Boundary markers: Absent.
      3. Capability inventory: Browser automation, arbitrary network requests, and filesystem access.
      4. Sanitization: Unknown due to the obfuscated nature of the parsing engine.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 27, 2026, 04:34 AM