The Agent Skills Directory

[PROMPT_INJECTION] (LOW): Vulnerable to indirect prompt injection (Category 8). The skill interpolates untrusted data like article titles into prompts without sanitization or boundary markers (File: examples.py). Evidence: 1. Ingestion: 'prompt' parameter and 'article_data' dictionary. 2. Boundary markers: None. 3. Capabilities: Network requests to external APIs and file writing. 4. Sanitization: None.\n- [EXTERNAL_DOWNLOADS] (LOW): Requires 'requests' and 'Pillow' libraries.\n- [CREDENTIALS_UNSAFE] (LOW): Instructs users to store API keys in 'config.json', creating a potential exposure point if the local directory is accessed (File: README.md).

image-generator