The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The skill includes logic in scripts/vendor/baoyu-md/src/utils/languages.ts to dynamically download and execute JavaScript files from a remote CDN (https://cdn-doocs.oss-cn-shenzhen.aliyuncs.com) using the import() function. This is designed to load syntax highlighting grammars for different programming languages at runtime based on the input markdown.
[COMMAND_EXECUTION]: The SKILL.md file instructs the agent to execute shell commands such as test, grep, and Select-String. These commands are used to locate and read user preferences from EXTEND.md files stored in the project directory and the user's home directory ($HOME/.baoyu-skills/).
[EXTERNAL_DOWNLOADS]: The skill automatically downloads remote images found in the input Markdown to a local temporary directory using the Node.js http and https modules. Additionally, it interacts with the external service https://www.plantuml.com to render diagrams.
[DATA_EXPOSURE]: The skill searches for and reads configuration files from sensitive locations, including $HOME/.baoyu-skills/ and $HOME/.config/baoyu-skills/, to resolve user themes and primary color settings.
[INDIRECT_PROMPT_INJECTION]: The skill processes user-provided Markdown content without strict boundary markers. This represents a potential surface where malicious instructions embedded in the source text or metadata could influence the rendering behavior or subsequent agent steps.
Ingestion points: Input markdown file path passed to scripts/main.ts.
Boundary markers: None present; the content is parsed as a whole.
Capability inventory: File system read/write (fs.readFileSync, fs.writeFileSync), network downloads (http.get), and shell command execution.
Sanitization: Uses basic HTML escaping for inline code spans, but relies on the marked library for primary rendering.

baoyu-markdown-to-html