scientific-paper-figure-generator

Fail

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill is vulnerable to path traversal during file saving. The save method in scientific_paper_figure_generator.py creates directories and writes files using the output argument without any path validation or sanitization. An attacker could provide a path like ../../.bashrc to overwrite critical system or configuration files.
  • [DATA_EXFILTRATION] (MEDIUM): The skill facilitates unauthorized file access via path traversal. The pd.read_csv call in the main execution block uses the user-provided --data path without validation, allowing the agent to be coerced into reading sensitive local files such as SSH keys or credentials if they can be parsed as CSV data.
  • [PROMPT_INJECTION] (HIGH): The skill presents an indirect prompt injection surface by ingesting untrusted external data. Ingestion points: scripts/scientific_paper_figure_generator.py (line 144) via pd.read_csv. Boundary markers: None implemented to distinguish data from instructions. Capability inventory: Substantial file system write capabilities via os.makedirs and fig.savefig. Sanitization: No validation, escaping, or filtering is performed on input data or file paths.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 15, 2026, 08:42 PM