The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The script scripts/md/utils/languages.ts dynamically imports JavaScript modules from an external Aliyun OSS bucket (cdn-doocs.oss-cn-shenzhen.aliyuncs.com) using the import() function with computed URLs. This is used to load language definitions for syntax highlighting at runtime.
[EXTERNAL_DOWNLOADS]: The main execution script scripts/main.ts contains a downloadFile function that uses the http and https modules to fetch content from arbitrary URLs and save it to the local file system. This is triggered when processing Markdown files containing remote image links.
[COMMAND_EXECUTION]: The instruction set in SKILL.md directs the agent to use npx -y bun to run the conversion scripts. This involves executing packages fetched from the public NPM registry.
[DATA_EXPOSURE]: The skill is designed to read configuration and preference files (EXTEND.md) from the user's home directory and from other skill directories (specifically baoyu-post-to-wechat), as seen in the theme resolution logic in SKILL.md and scripts/md/extend-config.ts.
[PROMPT_INJECTION]: The skill acts as a surface for indirect prompt injection because it processes untrusted Markdown content and generates HTML output for downstream platforms without explicit sanitization or boundary markers to differentiate between data and instructions. Evidence: scripts/main.ts reads the input file, and scripts/md/renderer.ts uses the marked library with custom extensions to produce the final HTML structure.

baoyu-markdown-to-html