skills/aidotnet/opencowork/pdf/Gen Agent Trust Hub

pdf

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill makes extensive use of system utilities and shell commands to process PDFs. This includes using qpdf for merging and splitting, pdftotext and pdftoppm for text and image extraction, and executing generated Python scripts via the python interpreter.
  • [DYNAMIC_EXECUTION]: The skill's architecture requires the AI agent to dynamically generate Python code to build PDF documents. This generated code is then executed locally. To manage the risk of malicious character injection, the skill includes and mandates a sanitization script (scripts/sanitize_code.py) that must be run before executing any generated .py file. Additionally, scripts/fill_fillable_fields.py performs runtime monkey-patching of the pypdf library to fix internal bugs.
  • [PROMPT_INJECTION]: The skill processes untrusted external PDF files to extract text, tables, and form metadata. This creates a surface for indirect prompt injection, as malicious instructions embedded within a processed PDF could influence the agent's logic or the content it generates.
      • Ingestion points: scripts/extract_form_field_info.py, scripts/fill_fillable_fields.py, and pdfplumber usage in reference.md.
      • Boundary markers: None explicitly defined in the provided instruction templates for extracted text.
      • Capability inventory: File system read/write (PDF and image generation), command execution (qpdf, python), and web-search capabilities mentioned in SKILL.md.
      • Sanitization: While scripts/sanitize_code.py protects the generation phase, no explicit sanitization is provided for the raw data extracted from PDFs before it enters the agent's context.
  • [EXTERNAL_DOWNLOADS]: The skill depends on several well-known and standard external libraries and tools, including reportlab, pypdf, pdfplumber, pdf2image, pytesseract, pypdfium2, poppler-utils, qpdf, pdf-lib, and pdfjs-dist. These are documented for their intended PDF processing purposes.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 14, 2026, 09:20 AM