The Agent Skills Directory

[PRIVILEGE_ESCALATION]: The script scripts/install_deps.sh uses sudo to install system-level dependencies across multiple package managers (apt, dnf, pacman, etc.). This is also utilized in setup.sh and scripts/latex_diff.sh to ensure necessary tools like latexdiff are present.
[EXTERNAL_DOWNLOADS]: The skill performs runtime downloads from well-known registries. scripts/mermaid_to_image.sh uses npx to fetch and run @mermaid-js/mermaid-cli. Python scripts such as mail_merge.py, generate_chart.py, and csv_to_latex.py contain logic to automatically install missing dependencies using pip at execution time.
[COMMAND_EXECUTION]: Extensive use of shell commands and subprocess calls exists to bridge LaTeX compilers (pdflatex, xelatex), document converters (pandoc), and PDF utilities (qpdf, poppler-utils). This is standard for the skill's purpose but involves executing complex command lines with user-controllable arguments.
[DYNAMIC_EXECUTION]: Several Python scripts utilize __import__ to dynamically load modules after ensuring their presence through the automated installation logic.
[INDIRECT_PROMPT_INJECTION]: The skill processes untrusted input from external PDF, TeX, and CSV files. SKILL.md correctly identifies this risk, instructing the agent to treat such content as untrusted and avoid executing embedded macros or scripts found within documents. This capability, combined with system-level access, constitutes a surface for indirect injection attacks.

latex-document-skill