create-thumbnail

Warn

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands to manage the development environment, including mkdir for project structure, cat for file creation, and npm install for dependency management. It also executes npx remotion still to render the generated React components into images.
  • [DATA_EXFILTRATION]: (Exposure Risk) The workflow allows users to provide local file paths for images, which the agent is instructed to copy into the project's public directory (e.g., cp /path/to/face.png ...). This provides a surface for sensitive file exposure if a malicious prompt or indirect injection directs the agent to 'image' paths such as ~/.ssh/id_rsa or .env files.
  • [EXTERNAL_DOWNLOADS]: The skill triggers the download and installation of numerous Node.js packages from the npm registry via npm install. While these are standard development dependencies (e.g., remotion, react), they execute code during the installation and build phases.
  • [PROMPT_INJECTION]: (Indirect) The skill uses WebSearch and WebFetch to research niche patterns. Instructions are processed from these external sources to determine the design strategy. The lack of explicit boundary markers or sanitization for this fetched content poses a risk of indirect prompt injection where web content could influence the agent's code generation or file system actions.
  • [DYNAMIC_CODE_EXECUTION]: The agent dynamically generates and writes React source code (.tsx files) based on user descriptions and external research. This code is then executed in a Node.js environment via the Remotion CLI. While necessary for the skill's function, it represents a path for code execution derived from untrusted inputs.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Apr 20, 2026, 04:21 PM