pdf

Pass

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: SAFE
Full Analysis
  • Indirect Prompt Injection (SAFE): The skill is designed to ingest and process untrusted data from PDF files, which is a standard surface for indirect injection.
  • Ingestion points: scripts/extract_form_field_info.py extracts metadata and field IDs; code examples in SKILL.md demonstrate full-text extraction via pypdf and pdfplumber.
  • Boundary markers: No explicit delimiters are used in the provided Python scripts, though the instructions in forms.md emphasize a human-in-the-loop visual validation process.
  • Capability inventory: The skill can perform file system operations (read/write) and image processing, and it uses external PDF utilities.
  • Sanitization: Extracted text and metadata are not sanitized before being provided to the agent.
  • Dynamic Execution (SAFE): scripts/fill_fillable_fields.py performs dynamic modification of an imported library to correct a bug.
  • Evidence: The function monkeypatch_pydpf_method() redefines pypdf.generic.DictionaryObject.get_inherited at runtime. This is a static, localized patch used to handle a specific TypeError in the pypdf library related to selection list fields, and does not involve executing external or untrusted code.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 21, 2026, 05:03 AM