png-to-svg

Warn

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on the scripts/png2svg.sh script, which shells out to the magick (ImageMagick) and potrace binaries. These tools process image data supplied by the user.
  • [COMMAND_EXECUTION]: The shell script uses python3 -c to perform text manipulation on SVG files and interpolates shell variables directly into the Python source string (e.g., with open('$out', 'r')). This is a dynamic code execution risk: a single quote in the file name or output path terminates the Python string literal, so the rest of the path is parsed as Python code, and whoever controls that path can run arbitrary Python. The usual fix is to keep the Python source a fixed single-quoted string and pass the path as an argument (python3 -c '...' "$out", read via sys.argv) or through an environment variable, so the shell never splices it into code.
  • [EXTERNAL_DOWNLOADS]: The skill instructions suggest installing imagemagick and potrace via the Homebrew package manager. These are well-known and widely used utilities, but they are external binary dependencies that must be present for the skill to function.
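The following shell example is added here and is not the skill's scripts/png2svg.sh. It reconstructs the pattern the audit describes (a shell variable spliced into a python3 -c string) beside a hardened form that passes the path to Python through sys.argv. The function names, the <metadata/> rewrite used as a stand-in for the script's SVG text manipulation, and the file name containing a single quote are all constructed for illustration.

```shell
#!/bin/sh
# Added example, not the audited script. Reproduces the interpolation pattern
# the audit flags and a hardened form. Names and the SVG edit are hypothetical.

# Vulnerable pattern: "$out" is expanded by the shell inside the Python source.
# A single quote in the path closes the Python string literal early and the
# remainder of the path is parsed (and, if well-formed, executed) as Python.
strip_metadata_unsafe() {
    out="$1"
    python3 -c "
with open('$out', 'r') as f:
    data = f.read()
data = data.replace('<metadata/>', '')
with open('$out', 'w') as f:
    f.write(data)
"
}

# Hardened form: the Python source is a fixed single-quoted string that the
# shell does not expand; the path arrives in sys.argv[1], where quotes,
# semicolons and other metacharacters are plain data.
strip_metadata_safe() {
    out="$1"
    python3 -c '
import sys
path = sys.argv[1]
with open(path, "r") as f:
    data = f.read()
data = data.replace("<metadata/>", "")
with open(path, "w") as f:
    f.write(data)
' "$out"
}

# Runs both forms on a constructed SVG whose name contains a single quote.
# Returns 0 when the unsafe form fails (python3 reports a SyntaxError, hidden
# here) and the safe form rewrites the file correctly.
demo() {
    dir="$(mktemp -d)"
    tricky="$dir/it's.svg"            # constructed awkward path, not an exploit payload
    printf '<svg><metadata/><rect/></svg>' > "$tricky"

    unsafe_rc=0
    strip_metadata_unsafe "$tricky" 2>/dev/null || unsafe_rc=$?

    strip_metadata_safe "$tricky"
    content="$(cat "$tricky")"
    rm -rf "$dir"

    [ "$unsafe_rc" -ne 0 ] && [ "$content" = '<svg><rect/></svg>' ]
}

demo && echo "safe form handled the quoted path; unsafe form broke on it"
```

The same argument-passing discipline applies to the magick and potrace invocations: quote every expanded variable and keep user-controlled paths out of any string that a second interpreter will parse.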
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 12, 2026, 03:30 AM