The Agent Skills Directory

[COMMAND_EXECUTION]: The main orchestration script scripts/illustrate-article.ts uses child_process.spawn to run the skill's own internal scripts (plan-illustrations.ts, image-gen.ts, and qiniu-upload.ts) to automate the illustration workflow. The command arguments are sanitized using a slugify function to prevent shell injection.- [EXTERNAL_DOWNLOADS]: The skill performs outbound network requests to image generation services (Google Gemini, OpenAI) and Qiniu Cloud for image hosting. It also includes a default configuration for a third-party Gemini-compatible relay at vip.123everything.com.- [DATA_EXFILTRATION]: To generate relevant images, the skill transmits article titles and content summaries to the configured image generation providers. Users should be aware that their content summaries are processed by these external APIs.- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads local Markdown files and interpolates their contents into prompts for the image generation model.
Ingestion points: Reads the full content of local files provided via the article_path input.
Boundary markers: Absent; article summaries are directly inserted into structured prompt templates.
Capability inventory: The skill can execute subprocesses via spawn, write to the local filesystem via writeFileSync, and make network requests via fetch.
Sanitization: Basic markdown stripping is performed via cleanMarkdown, and filenames are sanitized via slugify.

article-illustrator