scientific-critical-thinking

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/generate_schematic.py uses subprocess.run to coordinate between internal Python scripts. This implementation uses a static command list to prevent argument injection and does not utilize shell=True, following security best practices.
  • [EXTERNAL_DOWNLOADS]: The skill interfaces with the well-known OpenRouter API (openrouter.ai) to provide AI-powered scientific image generation. The implementation correctly handles user-provided API keys via environment variables or arguments, adhering to standard secret management practices for external services.
  • [PROMPT_INJECTION]: The skill processes scientific claims and research papers provided by the user. While this ingestion of untrusted data represents a potential surface for indirect prompt injection, the skill is focused on evaluation and critique rather than automated execution of data-driven commands. The risk is minimal and inherent to the skill's analytical purpose.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 10:50 PM