article-batch-illustration

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script (scripts/generate_image.py) to manage API requests and save images. This is a standard and safe implementation for agent tasks that require complex logic or specific API handling.
  • [EXTERNAL_DOWNLOADS]: The skill communicates with Google's Gemini API at https://generativelanguage.googleapis.com. This is a well-known service and the interaction is necessary for the skill's primary function of image generation.
  • [PROMPT_INJECTION]: The skill processes untrusted article content to generate image prompts, creating a surface for indirect prompt injection. (1) Ingestion points: Article content is read from the user's environment in SKILL.md. (2) Boundary markers: No specific delimiters or instructions are used to isolate the untrusted article text during prompt construction. (3) Capability inventory: The generate_image.py script has permissions to write files to the local file system and initiate network requests to the Gemini API. (4) Sanitization: No input validation or sanitization of the article content is performed before it is incorporated into prompts.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 8, 2026, 06:32 AM
Security Audit — agent-trust-hub — article-batch-illustration