The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The script scripts/fill_fillable_fields.py contains a function monkeypatch_pydpf_method that modifies the behavior of the pypdf library at runtime. It overrides the DictionaryObject.get_inherited method to change how selection list data is handled. Dynamic modification of third-party libraries is a high-risk pattern as it can lead to unstable or unexpected execution environments.
[PROMPT_INJECTION]: The skill processes untrusted PDF documents which serves as an indirect prompt injection surface.
Ingestion points: Files are ingested via pypdf, pdfplumber, and pdf2image in scripts such as extract_form_field_info.py, fill_fillable_fields.py, and convert_pdf_to_images.py.
Boundary markers: No explicit boundary markers or instructions to ignore embedded text commands are present in the processing logic.
Capability inventory: The skill can write files, process images, and execute shell commands (qpdf, pdftotext).
Sanitization: There is no sanitization or filtering of the text extracted from the PDFs before it is used by the agent.
[COMMAND_EXECUTION]: The skill documentation in SKILL.md and reference.md provides examples for using system-level command-line tools including qpdf, pdftotext, pdftk, and pdftoppm. These tools are executed using parameters provided via command-line arguments, which include file paths.
[EXTERNAL_DOWNLOADS]: The skill relies on and recommends the installation of several external dependencies from PyPI and NPM registries, such as pytesseract, pdf2image, pypdfium2, pdf-lib, and pdfjs-dist. These are well-known libraries for PDF and image processing.

pdf