md-2-pdf

The skill's primary function is to convert markdown to PDF. The `SKILL.md` instructions are benign and do not contain prompt injection attempts. The `scripts/md-to-pdf.py` script, however, includes functionality to embed images referenced in the input markdown. This feature allows the script to read arbitrary local files (if they are valid image formats) from paths specified in the markdown (e.g., ``). While the skill itself does not exfiltrate the generated PDF or its content, this capability represents a potential local information disclosure risk if the agent processes untrusted markdown, as sensitive local images could be embedded into the output PDF.