The Agent Skills Directory

[PROMPT_INJECTION]: The skill processes arbitrary user-supplied text to generate narration scripts and scene designs, which creates a surface for indirect prompt injection.
Ingestion point: SKILL.md Step 1 writes user input to capture/extracted/visible-text.txt.
Boundary markers: Absent. The input is passed directly to the scriptwriting agent via dispatch context in Step 2.
Capability inventory: The pipeline can execute shell commands, install software packages (NPM/PyPI), and perform network requests to external APIs.
Sanitization: No specific sanitization or filtering of the external input text is performed before it is consumed by the agents.
[EXTERNAL_DOWNLOADS]: The skill downloads various dependencies and resources required for video processing:
Installs Node.js packages (e.g., puppeteer-core) via npm install and Python packages (e.g., transformers, torch) via pip install from official registries.
Downloads pre-trained AI models from Hugging Face (facebook/musicgen-small) and browser binaries using npx hyperframes doctor.
Fetches library code from JSDelivr CDN (gsap).
[COMMAND_EXECUTION]: The skill uses shell commands and subprocess spawning to orchestrate its workflow:
Executes system tools like ffmpeg and ffprobe for media processing.
Dynamically assembles and executes Python code strings via python3 -c to generate background music locally.
Runs headless browser probes using Puppeteer to measure layout dimensions.
[DATA_EXFILTRATION]: The skill manages credentials for third-party AI services:
The scripts/audio.mjs script reads sensitive configuration files (~/.heygen/credentials) and .env files to retrieve API keys.
These keys are used to authenticate network requests to legitimate service endpoints such as api.heygen.com and ElevenLabs.

faceless-explainer