The Agent Skills Directory

[INDIRECT_PROMPT_INJECTION]: The skill processes PDF documents which serve as untrusted external data sources.
Ingestion points: The scripts extract_form_field_info.py, convert_pdf_to_images.py, and fill_pdf_form_with_annotations.py read PDF files provided as local file paths.
Boundary markers: The instructions do not define explicit boundary markers or warnings to ignore embedded instructions within the processed PDFs.
Capability inventory: The skill has the capability to write files, modify PDFs, and execute shell commands through scripts and provided command-line snippets.
Sanitization: There is no evidence of sanitization or filtering of the content extracted from or written to the PDF files.
[COMMAND_EXECUTION]: The skill guides the agent to execute various shell commands including pdftotext, qpdf, and pdftk for document manipulation. While these are standard tools, execution of CLI tools with user-supplied file paths is a significant capability.
[DYNAMIC_EXECUTION]: The script scripts/fill_fillable_fields.py implements a monkeypatch at runtime. It overrides the DictionaryObject.get_inherited method in the pypdf library to fix a bug related to selection list fields. Although this is done for legitimate functionality, runtime modification of library code is a dynamic execution pattern.

PDF Processing