website-to-hyperframes
Pass
Audited by Gen Agent Trust Hub on May 26, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8) as it captures untrusted text from external websites and incorporates it into narration scripts (SCRIPT.md) and HTML/JS compositions.
  * Ingestion points: `capture/extracted/visible-text.txt` and `capture/extracted/asset-descriptions.md` files generated during the capture phase.
  * Boundary markers: There are no explicit boundary markers or instructions to ignore malicious instructions embedded in the captured website text.
  * Capability inventory: The skill has significant capabilities, including executing shell commands via `npx hyperframes` and running generated code in a headless browser via `npx hyperframes validate`.
  * Sanitization: No sanitization or escaping mechanisms are described for the text extracted from the source website.
- [COMMAND_EXECUTION]: The workflow relies on numerous shell commands executed via `npx hyperframes`, including `capture`, `tts`, `transcribe`, `lint`, `validate`, `snapshot`, `preview`, and `render`. It also mentions running a local script via `node skills/hyperframes-animation-map/scripts/animation-map.mjs`.
- [EXTERNAL_DOWNLOADS]: The skill performs external network requests to capture data from user-provided URLs. It also uses `npx`, which may download the `hyperframes` package and its dependencies from the npm registry if not already cached. Additionally, it references external TTS services like ElevenLabs and HeyGen.
Audit Metadata