The Agent Skills Directory

NO_CODE (SAFE): The skill is composed exclusively of a markdown file containing prompt templates and configuration logic. It contains no Python scripts, Node.js packages, or shell commands, which eliminates most common execution-based attack vectors.\n- DATA_EXFILTRATION (SAFE): There are no network request commands (e.g., curl, wget, fetch) or logic for accessing sensitive file system paths like SSH keys or environment variables. The skill's operation is limited to reading specified text documents and generating image prompts.\n- PROMPT_INJECTION (SAFE): The skill uses directive language ('priority', 'strictly execute', 'forbidden items') to ensure visual consistency. These are legitimate stylistic constraints for image generation and do not contain patterns associated with bypassing safety filters or extracting system prompts.\n- Indirect Prompt Injection (SAFE): The skill reads external text files (e.g., docs/ai-myths.md) and interprets them for content. While this is an ingestion point for untrusted data, the restricted capability set (only calling imageGen) means that even an adversarial document could only influence the resulting image style or content, not gain control over the host system.

notion-infographic-v2