The Agent Skills Directory

[COMMAND_EXECUTION]: The skill utilizes the macOS shortcuts CLI to run image generation workflows. It also leverages standard system tools such as find, stat, and python3 for file management and payload serialization. The shell scripts implement robust quoting and use mktemp for temporary file handling to prevent common injection vulnerabilities.- [EXTERNAL_DOWNLOADS]: The skill documentation provides links to official Apple iCloud Shortcut share links (icloud.com) to install the necessary automation components. These references target a well-known service and are documented as a prerequisite for setup.- [DATA_EXFILTRATION]: While the skill does not perform network exfiltration, it accesses the ChatGPT application's local cache directory (~/Library/Caches/com.openai.chat) to identify and copy generated images. This file access is limited to the local filesystem and is the primary, documented method for the backup generation flow.- [PROMPT_INJECTION]: The skill processes user-provided prompts that are passed to external shortcuts. It mitigates injection risks by using a Python-based JSON serialization method for the Image Playground Skill flow and stdin redirection for the Image gen flow.
Ingestion points: Untrusted data enters the skill via the --prompt and --prompt-file arguments.
Boundary markers: Absent; the prompt content is processed as a whole without specific delimiters.
Capability inventory: The skill has the ability to execute system shortcuts and perform file copy operations (cp) based on automated detection of new files in the cache.
Sanitization: Input is safely handled through standardized JSON serialization in Python and proper shell quoting.

image-playground