meitu-video-dance

Fail

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill constructs and executes shell commands for the meitu CLI by directly interpolating user-provided inputs (image_url, video_url) and a dynamically constructed composed_prompt into the command string. No sanitization or shell-escaping logic is applied to these variables, so a value containing shell metacharacters (for example `;`, `|`, `$(...)` or backticks) would be parsed by the shell as additional commands. Whoever controls image_url, video_url or the text that feeds composed_prompt can therefore run arbitrary commands with the privileges of the agent running the skill.
  • [CREDENTIALS_UNSAFE]: The skill reads sensitive API keys (MEITU_OPENAPI_ACCESS_KEY and MEITU_OPENAPI_SECRET_KEY) from environment variables and from the local file ~/.meitu/credentials.json. This is the vendor's standard authentication flow, but it still means the skill has access to long-lived secrets, and any command injected through the finding above would run with those same environment variables and file access available to it.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface (Category 8): content fetched from user-provided URLs is processed to generate the prompts that control the meitu tool, so instructions embedded in that remote content can steer the tool's behavior.
  • Ingestion points: Untrusted data enters the context via the image_url and video_url parameters in SKILL.md.
  • Boundary markers: None identified; the skill processes external input and interpolates the results directly into downstream prompts and command arguments.
  • Capability inventory: The skill has the capability to execute shell commands (meitu), create directories (mkdir), and perform file system read/write operations.
  • Sanitization: There is no mention of input validation, URL filtering, or shell-safe interpolation in the workflow description.
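The following is an added illustration by the editor, not code from the skill or from the meitu project. It contrasts the pattern the COMMAND_EXECUTION finding describes (an input interpolated into a single command string that is handed to a shell) with an argv-list build that validates the URL first. The `--video` and `--prompt` flag names are assumptions, and `echo` stands in for the real meitu binary so the example runs offline; the URLs are constructed inputs.

```python
import subprocess
from urllib.parse import urlparse

# Constructed inputs (not taken from the skill). The hostile one is a
# plausible-looking URL with a second shell command appended.
SAFE_URL = "https://cdn.example.com/dance.mp4"
HOSTILE_URL = "https://cdn.example.com/dance.mp4; echo INJECTED #"

# 'echo' stands in for the meitu CLI so this runs without the real tool.
# The '--video' / '--prompt' flags are assumed names, not meitu's syntax.
TOOL = "echo"


def unsafe_command(video_url: str) -> str:
    """The pattern the audit describes: the input is interpolated into one
    string that is later executed through a shell (shell=True)."""
    return f"{TOOL} --video {video_url}"


def run_unsafe(video_url: str) -> str:
    """Runs the interpolated string via /bin/sh. With HOSTILE_URL the ';'
    terminates the first command and 'echo INJECTED' runs as a second one."""
    out = subprocess.run(unsafe_command(video_url), shell=True,
                         capture_output=True, text=True, check=True)
    return out.stdout


def validate_url(url: str) -> str:
    """Allowlist-style check: http(s) only, a host must be present, and no
    whitespace or shell metacharacters anywhere in the string."""
    parsed = urlparse(url)
    if parsed.scheme not in ("http", "https"):
        raise ValueError(f"unsupported scheme: {parsed.scheme!r}")
    if not parsed.netloc:
        raise ValueError("URL has no host")
    if any(ch.isspace() or ch in ';|&$`<>()\'"\\' for ch in url):
        raise ValueError("URL contains shell metacharacters")
    return url


def safe_argv(video_url: str, composed_prompt: str) -> list[str]:
    """Builds an argv list. Each input stays exactly one argument regardless
    of its contents, because no shell ever parses the command."""
    return [TOOL, "--video", validate_url(video_url),
            "--prompt", composed_prompt]


def run_safe(video_url: str, composed_prompt: str) -> str:
    out = subprocess.run(safe_argv(video_url, composed_prompt), shell=False,
                         capture_output=True, text=True, check=True)
    return out.stdout


if __name__ == "__main__":
    print("unsafe:", run_unsafe(HOSTILE_URL), end="")
    try:
        run_safe(HOSTILE_URL, "dance")
    except ValueError as exc:
        print("safe path rejected hostile URL:", exc)
    # A composed prompt with quotes and ';' is passed through verbatim.
    print("safe:", run_safe(SAFE_URL, 'pose: "arms up"; spin'), end="")
```

The URL validator is deliberately strict: a legitimate media URL never needs whitespace or shell metacharacters, so rejecting them costs nothing. The real fix, though, is the argv list with `shell=False`; the validator only adds defense in depth against a tool that might itself re-parse its arguments.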
Recommendations
  • AI detected serious security threats. Based on the findings above: pass image_url, video_url and composed_prompt to the meitu CLI as separate arguments (an argv list) rather than interpolating them into a shell string; restrict URLs to http(s) and reject values containing whitespace or shell metacharacters; treat content fetched from those URLs as untrusted when building prompts; and keep the MEITU_OPENAPI_* credentials out of any subprocess that does not need them.
Audit Metadata
Risk Level
HIGH
Analyzed
May 5, 2026, 06:53 AM