latex-document

Warn

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, REMOTE_CODE_EXECUTION, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: The dependency installer in scripts/install_deps.sh utilizes sudo to perform system-level package installations (e.g., TeX Live, Poppler). This grants the skill administrative access to the host environment.
  • [COMMAND_EXECUTION]: The scripts/pdf_encrypt.sh script accepts user and owner passwords as command-line arguments, which exposes these credentials in the system's process list (ps) and shell history.
  • [EXTERNAL_DOWNLOADS]: The scripts/plantuml_to_pdf.sh script fetches the PlantUML executable JAR from its official GitHub repository at runtime.
  • [EXTERNAL_DOWNLOADS]: The scripts/mermaid_to_image.sh script uses npx to download and execute the @mermaid-js/mermaid-cli package from the npm registry.
  • [REMOTE_CODE_EXECUTION]: Documentation in references/beamer-guide.md and references/visual-packages.md suggests using the -shell-escape flag with LaTeX compilers to support certain features like syntax highlighting. This flag allows the LaTeX compiler to execute arbitrary shell commands, which poses a significant security risk when processing untrusted document content.
  • [PROMPT_INJECTION]: The PDF-to-LaTeX conversion pipeline described in references/pdf-conversion.md processes document images using a vision model. This represents a surface for indirect prompt injection if the source documents contain malicious instructions embedded within the text images.

Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 21, 2026, 07:18 AM