sci-figure

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The script src/utils.py uses subprocess.run to check for the presence of the Tesseract OCR binary. The call uses a hardcoded argument (--version) and target path, posing no security risk of argument injection or unauthorized command execution.
  • [DYNAMIC_EXECUTION]: The check_dependencies function in src/utils.py utilizes __import__ to verify the installation of required Python modules. The module names are retrieved from a static, hardcoded dictionary, which prevents any arbitrary module loading or code execution.
  • [OBFUSCATION]: The file README_CN.md contains several ASCII control characters, such as backspace (U+0008) and form feed (U+000C), within text like bash, apt, and figure. These appear to be unintentional encoding artifacts or document creation residues rather than malicious obfuscation, as they do not hide malicious intent or affect the functionality of the code.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external PDF files, which represents an attack surface for indirect prompt injection. However, since the skill only performs local image extraction and does not feed extracted text into further LLM decision-making logic or security-sensitive prompts, the actual risk is negligible.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 03:07 PM