image-assistant
Warn
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (MEDIUM): The skill instructions in stages/04-prompts.md direct the agent to execute a local script (scripts/apimart_batch_generate.py) automatically when a user selects the 'Bulk API' option. The instruction specifically states 'execute directly, no longer re-confirming' (不再二次确认), which explicitly bypasses user verification for local command execution.
- [EXTERNAL_DOWNLOADS] (LOW): The skill interacts with an external API endpoint (api.apimart.ai) to generate images. While this is the intended functionality, it involves transmitting data (prompts) to a third-party service.
- [CREDENTIALS_UNSAFE] (LOW): The skill documentation guides users on setting up API tokens in a local scripts/apimart.env file. While it advises against committing these, the agent is instructed to handle and reference these sensitive credentials during the script execution phase.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) as it processes untrusted user-provided articles to generate structured output.
  1. Ingestion points: User input for article content in stages/01-brief.md.
  2. Boundary markers: Absent in prompt templates.
  3. Capability inventory: Script execution and external API calls.
  4. Sanitization: No sanitization or validation of input text is implemented before interpolation into prompts.
Audit Metadata