The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The troubleshooting section includes instructions for installing the necessary CLI dependency by piping remote shell and PowerShell scripts directly into the interpreter. These scripts are hosted on the service provider's official content delivery network.
Evidence: curl -fsSL https://cdn-mineru.openxlab.org.cn/open-api-cli/install.sh | sh (SKILL.md)
Evidence: irm https://cdn-mineru.openxlab.org.cn/open-api-cli/install.ps1 | iex (SKILL.md)
[DATA_EXFILTRATION]: The skill is designed to send local document files or remote URLs to an external processing service (mineru.net) to perform extraction and conversion. This is the primary stated purpose of the skill.
Evidence: "Both commands send the document to MinerU's API (mineru.net) for processing." (SKILL.md)
[COMMAND_EXECUTION]: The skill facilitates the execution of the mineru-open-api command-line tool with various flags to perform document parsing, OCR, and format conversion.
Evidence: mineru-open-api flash-extract report.pdf (SKILL.md)
[EXTERNAL_DOWNLOADS]: The skill depends on an external package and provides multiple methods for its installation from established registries or provider-managed domains.
Evidence: npm i -g mineru-open-api (SKILL.md)
[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests and processes content from untrusted external files (PDFs, Office docs).
Ingestion points: The skill reads local files and remote URLs via the mineru-open-api tool (SKILL.md).
Boundary markers: No explicit instructions or delimiters are provided to the agent to disregard instructions potentially embedded within the converted document content.
Capability inventory: The skill has the capability to execute shell commands (mineru-open-api), write files to the local system (-o flag), and access network resources.
Sanitization: No evidence of validation or sanitization of the extracted document content is present in the skill instructions.

pdf-converter