linkfox-ruiguan-copyright
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
PROMPT_INJECTION, DATA_EXFILTRATION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from both user-provided image URLs and external API responses from tool-gateway.linkfox.com.
  1. Ingestion points: imageUrl in SKILL.md and detection results in references/api.md.
  2. Boundary markers: The skill does not define specific delimiters or instructions for the agent to ignore embedded commands in the API data.
  3. Capability inventory: The skill uses scripts/ruiguan_copyright_detection.py for network calls and scripts/upload_image.py for file reads and uploads.
  4. Sanitization: The imageUrl is checked for length (max 1000 characters) in the query script, but no content sanitization of the API response is implemented.
- [DATA_EXFILTRATION]: The skill reads local image files via scripts/upload_image.py and uploads them to the vendor's infrastructure at tool-gateway.linkfox.com. This is a documented feature to facilitate copyright analysis of local images.
- [COMMAND_EXECUTION]: The skill executes local Python scripts to interact with the LinkFox API gateway and handle image file transfers.