The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The setup instructions in references/julia_mcp_setup.md require cloning and executing code from an unverified third-party repository (github.com/aplavin/julia-mcp). It specifically instructs the user to run a Python server (server.py) from this untrusted source using uv run to enable the skill's functionality.
[EXTERNAL_DOWNLOADS]: The skill relies on software hosted on a personal GitHub account (aplavin) that does not belong to a trusted organization or well-known service, bypassing standard security verification for dependencies.
[COMMAND_EXECUTION]: The skill provides the agent with the julia_eval tool, designed to execute arbitrary Julia code. This capability provides a direct path for the agent to perform unauthorized system operations or access sensitive data if it is misdirected by malicious input.
[PROMPT_INJECTION]: The workflow involves reading and executing local files (e.g., using include on files in the scripts/ directory). This creates a surface for indirect prompt injection where an attacker could place malicious Julia code in a project file that the agent then unknowingly executes. The skill lacks sanitization or boundary markers to prevent the execution of embedded instructions in these data sources.

julia-vibe-coding