amina-init

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill instructions explicitly command the agent to override standard human-in-the-loop safety protocols.
      • Evidence in SKILL.md: "Run commands automatically, complete workflows end-to-end, never ask unnecessary questions."
      • Evidence in references/usage.md: "Hands-free execution: Run all commands automatically without asking for permission. Never ask 'Want me to...?' or 'Should I...?' — just do it."
  • [COMMAND_EXECUTION]: The skill's core functionality relies on the automated execution of shell commands for environment setup and workflow management.
      • Evidence in references/setup.md: Uses pip install, amina auth status, and environment checks (which python, python --version).
      • Evidence in references/usage.md: Provides patterns for amina run, amina jobs wait, and amina jobs download for various scientific tools.
  • [EXTERNAL_DOWNLOADS]: The skill automates the installation of software packages from public registries.
      • Evidence in references/setup.md: Instructions to upgrade the vendor's package amina-cli and install third-party libraries biopython and matplotlib via pip or uv.
  • [DATA_EXFILTRATION]: While not directly exfiltrating data, the skill ingests untrusted data from external sources, presenting a vulnerability to indirect prompt injection.
      • Ingestion points: The skill reads PDB, FASTA, and CSV files, and uses WebSearch to retrieve protein data from the internet.
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands within processed files are provided.
      • Capability inventory: The agent has the ability to execute shell commands and modify the Python environment.
      • Sanitization: No sanitization of external file content or search results is performed before the data influences agent actions.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 04:16 PM