minimax-pdf
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill handles dependency management by downloading and installing official packages from PyPI (reportlab, pypdf, matplotlib) and npm (playwright). It also retrieves font styles from Google Fonts (fonts.googleapis.com) during the cover generation process. These sources are considered well-known services and trusted for their respective roles in technology infrastructure.
- [COMMAND_EXECUTION]: Orchestration is performed via the make.sh shell script, which executes various Python and Node.js components. Additionally, several Python scripts (fill_inspect.py, fill_write.py, merge.py, reformat_parse.py, render_body.py) utilize subprocess.check_call to automate the installation of missing dependencies, ensuring a seamless user experience.
- [PROMPT_INJECTION]: The skill parses untrusted data from document sources (Markdown, Text, PDF) to generate content for rendering. Evidence for this surface includes: (1) Ingestion points: reformat_parse.py (Markdown/PDF parsing) and fill_inspect.py (PDF field inspection); (2) Boundary markers: Absent; (3) Capability inventory: Shell command execution and file system access across all utility scripts; (4) Sanitization: Basic regex-based parsing without robust sanitization of input text content.
- [SAFE]: No malicious patterns such as credential theft, persistence mechanisms, or unauthorized data exfiltration were detected. The skill's operations align perfectly with its documented objective of high-quality PDF production.
Audit Metadata