NYC

code-from-image

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill's primary workflow involves the agent implementing and running logic extracted from images. This creates a risk if the logic is attacker-controlled.
  • [EXTERNAL_DOWNLOADS] (LOW): Recommends the dynamic installation of Python packages 'pillow' and 'pytesseract'. While these are standard libraries, manual installation via agent commands bypasses static environment controls.
  • [PROMPT_INJECTION] (LOW): Vulnerable to indirect prompt injection.
      1. Ingestion points: PNG and JPG image files processed via OCR tools.
      2. Boundary markers: Absent; there are no instructions to wrap or isolate the extracted code.
      3. Capability inventory: The agent is tasked with implementing and executing the resulting code, which could include file or network access.
      4. Sanitization: Absent; the skill does not suggest safety checks or sandboxing for the extracted logic.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 05:36 PM