aws-wechat-article-main

Fail

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: HIGH
Findings: CREDENTIALS_UNSAFE, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill manages sensitive secrets, including WRITING_MODEL_API_KEY, IMAGE_MODEL_API_KEY, and the WeChat APPID/APPSECRET, in a file named aws.env. The script scripts/validate_env.py reads the contents of this file to perform presence checks.
  • [DATA_EXFILTRATION]: The script scripts/validate_env.py reads the sensitive environment file aws.env. Reading sensitive file paths is a high-risk pattern for data exposure: the contents become accessible to the agent and could be exfiltrated despite instructions to the contrary.
  • [COMMAND_EXECUTION]: The skill invokes the local Python interpreter to run scripts/validate_env.py as a mandatory environment-verification step.
  • [PROMPT_INJECTION]: The skill uses strong override markers and restrictive language (e.g., "⛔ BLOCKING", "禁止" (forbidden)) to enforce a rigid workflow sequence. It also presents an indirect prompt-injection risk surface: external user data from topics and article drafts is ingested at runtime and interpolated into subsequent prompts without sanitization or clear boundary markers (such as delimiters), while the skill retains subprocess and file-write capabilities.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
May 6, 2026, 07:20 AM