aws-wechat-article-assets
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads preset packages in .aws (ZIP) format. Downloads are restricted to the vendor's official domain (aiworkskills.cn) via an enforcement whitelist in the script logic. Non-HTTPS URLs or unauthorized domains result in an immediate error.
- [COMMAND_EXECUTION]: The skill executes local Python scripts (`import_presets_aws.py` and `product_image_ingest.py`) to handle file management and configuration tasks. These operations are scoped to the project directory.
- [DATA_EXFILTRATION]: While the skill manages credentials (API keys and WeChat IDs) by writing them to a local `aws.env` file, it implements safety measures such as automatic backups and ensures that secret values are never printed to stdout or stderr during the process. There is no evidence of these secrets being transmitted to external servers.
- [REMOTE_CODE_EXECUTION]: The `import_presets_aws.py` script includes a comprehensive security implementation to prevent 'ZIP Slip' (directory traversal) attacks. It explicitly validates that all extracted files remain within the designated temporary directory by checking for absolute paths and '..' segments and by resolving the final destination paths.
- [PROMPT_INJECTION]: The skill includes an indirect ingestion surface by reading business introduction files and specifications. While this allows the agent to process external data, the risk is mitigated by the fact that these resources originate from the user's own business repository or the vendor's verified preset packages.
Audit Metadata