The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill fetches content from several external domains to perform its primary function. These include defuddle.md, r.jina.ai, and raw.githubusercontent.com. It also performs curl operations to download images from extracted URLs when explicitly requested by the user.
[COMMAND_EXECUTION]: The skill executes multiple local shell commands and scripts to process documents. This includes curl for networking, gh for GitHub API access, pdftotext for PDF extraction, and python3 for executing the built-in Feishu and WeChat scrapers.
[REMOTE_CODE_EXECUTION]: The script scripts/fetch.sh uses npx --yes agent-fetch to dynamically download and run the agent-fetch package from the npm registry as a fallback method. Additionally, the documentation provides instructions for users to install external Python packages like playwright, beautifulsoup4, and marker-pdf for advanced parsing capabilities.
[PROMPT_INJECTION]: As the skill is designed to ingest and process arbitrary untrusted content from the web, it has an inherent surface for indirect prompt injection. However, the instructions in SKILL.md include strong boundary markers, explicitly telling the agent to convert the content without analysis or interpretation, which significantly mitigates the risk of the agent obeying instructions embedded within the fetched pages.

read