ebook-to-md

The skill `ebook-to-md` is designed to convert various document types to Markdown using Baidu OCR. It utilizes `subprocess.run` to invoke `ebook-convert` (Calibre) for MOBI/EPUB files and `requests` for Baidu OCR API calls and image downloads. The use of `subprocess.run` with a list of arguments for `ebook-convert` (in `scripts/ebook_to_md.py`) correctly prevents direct shell injection from user-controlled input paths. Environment variables `BAIDU_OCR_API_KEY` and `BAIDU_OCR_SECRET_KEY` are accessed as expected for API authentication. File system operations (reading input, writing output, creating temp files) are within the stated purpose and use safe Python `pathlib` and `tempfile` methods. No evidence of prompt injection in `SKILL.md`, unauthorized data exfiltration, persistence mechanisms, or other malicious intent was found.