30-thiet-ke-master
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is well-structured and follows secure patterns for asset generation and brand identity management. It uses legitimate API endpoints (api.openai.com) and local project files for its intended purpose.
- [COMMAND_EXECUTION]: The skill documentation includes logic for detecting local execution environments via environment variables like $OD_BIN. This is used to interface with authorized internal design infrastructure.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection due to its automated ingestion of external project data.
  - Ingestion points: Reads from project files including prd.md, brand-guideline.md, and campaign briefs as defined in references/brand-identity-source.md.
  - Boundary markers: Absent; the skill does not explicitly wrap ingested data in delimiters within the generated prompts.
  - Capability inventory: The skill can perform external API requests to OpenAI's image generation endpoint and write generated artifacts to the docs/design/ directory.
  - Sanitization: The skill performs structured extraction of brand metadata (hex codes, typography) which limits the attack surface, but it interpolates descriptive text into prompts without explicit sanitization.
Audit Metadata