gcode-to-text
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [Prompt Injection] (LOW): The skill contains instructions that nudge the agent to ignore its own refusal logic, warning against 'Pitfall 2: Giving Up' and directing the agent to 'provide the actual decoded text string, not an explanation of why it cannot be determined,' which mimics patterns designed to bypass safety constraints.
- [Command Execution] (LOW): The skill suggests shell commands like `grep "M117" file.gcode`. If the filename `file.gcode` is derived from untrusted user input without sanitization, it is vulnerable to command injection via shell metacharacters.
- [Indirect Prompt Injection] (LOW): The skill is designed to process untrusted external data (GCODE files) which may contain malicious instructions in comments or metadata.
  1. Ingestion points: Data enters via GCODE file reading in Phase 1, Phase 2, and the Python visualization script.
  2. Boundary markers: Absent; there are no instructions to the agent to treat GCODE content as untrusted or to use delimiters.
  3. Capability inventory: Subprocess execution (grep, sed), file read/write (open, plt.savefig), and Python execution (matplotlib).
  4. Sanitization: No sanitization is performed on the GCODE content or the filenames used in shell commands.
Audit Metadata