The Agent Skills Directory

[COMMAND_EXECUTION] (MEDIUM): The skill explicitly instructs the agent to execute a local Python script (scripts/apimart_batch_generate.py) in stage 4 ('Prompt Pack'). The instructions state that if the user selects the 'Batch API' option, the agent should 'directly generate JSONL and execute, without secondary confirmation'. This provides a high-autonomy path for executing local code which was not provided for security review.
[CREDENTIALS_UNSAFE] (LOW): The skill requires an API token to function. While templates/api-config.md and scripts/README.md advise the user to keep the token in a local .env file, the agent is directed to read from or interact with this configuration, creating a risk surface for credential exposure during the session.
[INDIRECT_PROMPT_INJECTION] (LOW): The skill processes arbitrary user-provided text to generate image prompts in stages/01-brief.md and stages/03-copy.md.
Ingestion points: User input provided during the 'Brief' stage (Stage 1).
Boundary markers: Absent; there are no specific instructions for the agent to ignore or sanitize embedded instructions within the user-provided text.
Capability inventory: The agent has the capability to write files (JSONL) and execute shell commands (Python script).
Sanitization: None detected; the agent is expected to summarize and transform user text directly into prompts.

image-assistant