publish-zsxq-article
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Category 8: Indirect Prompt Injection (SAFE): While the script ingests untrusted data (HTML content from CLI arguments or files), it only writes this data to the system clipboard. It does not execute the data as code nor does it process it in a way that would influence the agent's logic or internal state. Any risk associated with pasting the resulting clipboard content is external to the script itself.
- Ingestion points: The script reads from sys.stdin, file paths via --file, and direct CLI arguments in scripts/copy_to_clipboard.py.
- Boundary markers: None (typical for clipboard utilities).
- Capability inventory: File system read access and system clipboard write access (AppKit on macOS, win32clipboard and clip-util on Windows).
- Sanitization: None; the HTML is passed directly to the clipboard as intended for rich-text support.
Audit Metadata