qr-code-generator

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill processes untrusted input from users and external data sources, which could be used to embed malicious instructions.
      • Ingestion points: Processes URL and label/caption text from user input, and data from CSV files during batch generation.
      • Boundary markers: The workflow mentions URL validation (scheme + domain) but lacks specific boundary markers or sanitization for caption labels, which are reflected in the output.
      • Capability inventory: Executes local Python scripts (scripts/generate_qr.py, scripts/batch_generate.py) and performs file-write operations for PNG and SVG exports.
      • Sanitization: Includes basic URL validation, but no explicit sanitization for label text or CSV content is mentioned.
  • Command Execution (SAFE): The skill utilizes local Python scripts for its primary logic. No patterns indicating arbitrary command execution, shell spawning, or unsafe subprocess calls were found in the skill definition.
  • External Downloads (SAFE): No remote scripts, package installations (pip/npm), or external binary downloads are requested in the skill's workflow.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:25 PM