arxiv-research

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE] (SAFE): Analysis across all 10 threat categories indicates the skill is benign. It provides organizational templates and workflows for academic research without executing dangerous commands or accessing sensitive files.
  • [Indirect Prompt Injection] (LOW): The skill processes external data from arXiv, which is a theoretical surface for indirect prompt injection.
    1. Ingestion points: Research paper content is ingested via arxiv_get_paper, arxiv_query_paper, and arxiv_convert_to_markdown as defined in SKILL.md.
    2. Boundary markers: The skill utilizes structured Markdown templates to separate analysis from content, though it lacks explicit instructions for the agent to ignore commands within papers.
    3. Capability inventory: The agent is restricted to searching, reading, and synthesizing text; it has no capabilities for file-system writing, arbitrary code execution, or unauthorized network exfiltration.
    4. Sanitization: No sanitization or filtering of external text is specified.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:39 PM