The Agent Skills Directory

[COMMAND_EXECUTION]: The script executes a sibling search script using the subprocess.run method. Evidence: Found in scripts/arxiv_monitor.py within the _run_search function. The implementation correctly passes arguments as a list rather than a shell string, which is a secure practice that prevents shell injection vulnerabilities.\n- [DATA_EXFILTRATION]: The skill retrieves research paper metadata from the well-known arXiv service (export.arxiv.org). Evidence: The script initiates network-based searches via its dependency to fetch scholarly data. This activity is essential to the skill's primary purpose and targets a recognized scientific repository.\n- [PROMPT_INJECTION]: The skill processes content from the external arXiv repository, creating an indirect prompt injection surface. 1. Ingestion points: Data enters the agent's context through JSON results returned by the arxiv-search subprocess in scripts/arxiv_monitor.py. 2. Boundary markers: The instructions do not explicitly require delimiters for separating untrusted paper titles or summaries from agent instructions. 3. Capability inventory: The skill has the ability to execute subprocesses and write to the local file system. 4. Sanitization: External metadata is processed and presented without specific filtering or sanitization steps.

arxiv-monitor