pdf-official

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Vulnerability to indirect prompt injection through user-supplied PDF files. External data is ingested via scripts/convert_pdf_to_images.py, scripts/extract_form_field_info.py, and text extraction tools mentioned in SKILL.md. No boundary markers or sanitization procedures are defined for processing the extracted content, which is used to influence agent actions while filling forms or extracting data. The skill possesses file-writing and command-execution capabilities.
  • [COMMAND_EXECUTION]: The skill relies on the execution of multiple Python scripts and command-line utilities such as pdftotext, qpdf, and pdfimages to manipulate document files.
  • [DYNAMIC_EXECUTION]: The script scripts/fill_fillable_fields.py implements a runtime monkeypatch for the pypdf library's DictionaryObject.get_inherited method to resolve a specific formatting issue with selection list fields.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 1, 2026, 03:42 AM
Security Audit — agent-trust-hub — pdf-official