xiaohongshu-article-packager

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
Finding categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The shared script _postplus_shared/00-core/shared-runtime/scripts/download_videos_from_manifest_with_ytdlp.mjs uses spawn to execute python3 -m yt_dlp for video downloading. Additionally, _postplus_shared/00-core/shared-runtime/scripts/lib/large_credit_confirmation.mjs executes the postplus CLI command to handle billing confirmations.
  • [EXTERNAL_DOWNLOADS]: The skill provides mechanisms to fetch remote content. The download_videos_from_manifest_with_ytdlp.mjs script downloads videos from URLs specified in a JSON manifest, and _postplus_shared/00-core/shared-runtime/scripts/lib/hosted_media_generation_bridge.mjs facilitates downloading media from signed URLs provided by the PostPlus API.
  • [DATA_EXFILTRATION]: The library _postplus_shared/00-core/shared-runtime/scripts/lib/postplus_cli_config.mjs reads sensitive configuration files (e.g., ~/.config/postplus/config.json) containing session tokens. This information is used exclusively to authenticate requests to the vendor's own API services.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface because it processes untrusted user drafts. (1) Ingestion points: user-provided markdown files, scripts, and text dumps (referenced in SKILL.md). (2) Boundary markers: SKILL.md contains strong negative constraints that instruct the agent to ignore any instructions potentially embedded in the source text. (3) Capability inventory: the skill can write to the file system, make network requests, and execute commands. (4) Sanitization: no explicit sanitization or escaping of the input text is performed before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: May 11, 2026, 01:14 PM