skills/kcchien/skills/podcastfy/Gen Agent Trust Hub

podcastfy

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
COMMAND_EXECUTION | EXTERNAL_DOWNLOADS | DATA_EXFILTRATION | PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: The generate_podcast.py script uses subprocess.run to create a virtual environment and execute installation commands. It also employs os.execv to re-execute itself within the local environment to ensure all dependencies are properly loaded.
  • [EXTERNAL_DOWNLOADS]: The skill automatically downloads and installs standard Python packages (podcastfy, pyyaml, playwright, audioop-lts) from PyPI and installs the Chromium browser binary via Playwright to support URL content extraction.
  • [DATA_EXPOSURE]: The bootstrapping logic attempts to read the user's ~/.zshrc shell profile to automatically locate and synchronize GEMINI_API_KEY, GOOGLE_API_KEY, and OPENAI_API_KEY environment variables.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it fetches and processes content from user-supplied URLs.
      • Ingestion points: External web content is ingested via the --input parameter in scripts/generate_podcast.py.
      • Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the processed data.
      • Capability inventory: The skill maintains capabilities for shell command execution, file system modifications, and network access.
      • Sanitization: Content sanitization is managed by the underlying podcastfy library and is not explicitly handled in the bootstrapping script.

Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 16, 2026, 03:09 PM