lunwen
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script 'tools/capture_thesis_screenshots.py' uses subprocess.run to execute npm commands for installing dependencies and managing Playwright browsers. Additionally, 'tools/render_mermaid.py' uses subprocess.run to invoke npx for rendering Mermaid diagrams. These executions are integral to the skill's documented workflow for thesis asset generation.
- [EXTERNAL_DOWNLOADS]: The skill facilitates the download of Node.js packages and browser binaries through the npm registry as part of its automated setup in 'tools/capture_thesis_screenshots.py'. These downloads originate from well-known service providers and are used for the skill's intended browser automation functionality.
- [PROMPT_INJECTION]: The skill is designed to ingest and process external content from user-provided thesis templates, sample papers (in DOCX and PDF formats), and project source code. This creates a surface for indirect prompt injection where instructions embedded in these files could potentially influence the agent's behavior during the thesis generation process.
  - Ingestion points: External data is ingested via 'tools/analyze_docx.py', 'tools/analyze_sample_pdf.py', and general file-reading logic in various prompts.
  - Boundary markers: The prompts suggest using delimiters to separate instructions from data, though they do not provide absolute isolation against adversarial content.
  - Capability inventory: The skill possesses capabilities for file system modification and shell command execution via its bundled Python and Node.js tools.
  - Sanitization: Content is subjected to formatting-related cleanup, but the skill lacks specific security sanitizers for preventing instruction injection from processed data.
Audit Metadata