visa-doc-translate

Warn

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill mandates the automatic execution of system commands and package managers without user confirmation.
      • Evidence in SKILL.md: Uses sips for image conversion and brew install for system-level dependencies like Tesseract.
  • [EXTERNAL_DOWNLOADS]: The skill automatically triggers the download and installation of multiple external Python libraries.
      • Evidence in SKILL.md: Instructs the agent to pip install several packages including easyocr, reportlab, and pyobjc-frameworks.
  • [REMOTE_CODE_EXECUTION]: The skill employs dynamic code generation and execution at runtime.
      • Evidence in SKILL.md: "Create a Python script using PIL and reportlab libraries... Execute the script to generate the PDF". This pattern presents a risk if untrusted content extracted via OCR is interpolated into the generated script.
  • [PROMPT_INJECTION]: The instructions explicitly command the agent to bypass standard operational safeguards.
      • Evidence in SKILL.md: "AUTOMATICALLY execute the following steps WITHOUT asking for confirmation" and "DO NOT ask for user confirmation at each step". This instruction override increases the risk of executing unintended or malicious operations extracted from processed documents.
  • [DATA_EXPOSURE]: The skill is designed to handle extremely sensitive personal data, increasing the potential impact of any security failure.
      • Evidence in README.md: Specifically targets "Bank deposit certificates", "Income certificates", "ID cards and passports".
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 12, 2026, 08:39 AM