slurm-job-script-generator
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill's primary function is to generate and write executable Bash scripts (.sbatch) to the filesystem. It uses the shlex.quote function to sanitize user-provided commands and environment variable values within the generated scripts, effectively mitigating the risk of command injection when the generated jobs are executed.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface where user-supplied resource parameters and advanced flags are interpolated into the output script without complete shell sanitization.
  - Ingestion points: Resource metadata parameters (partition, account, qos, constraint) and the srun_extra argument in scripts/slurm_script_generator.py are interpolated directly into the script body.
  - Boundary markers: Absent; inputs are directly appended to #SBATCH directives or the srun command line without escaping characters like newlines or semicolons.
  - Capability inventory: The skill is capable of generating executable content and possesses the Write and Bash tool permissions to manage and run these files.
  - Sanitization: The implementation correctly applies shlex.quote to the primary command and working directory strings, protecting the most sensitive execution paths. However, metadata-level directives and advanced flags like srun_extra remain unsanitized, representing a potential injection surface if inputs are sourced from untrusted data.
- [SAFE]: No malicious patterns, such as hardcoded credentials, data exfiltration, obfuscated content, or unauthorized remote downloads, were detected. The skill logic is transparent and relies exclusively on Python standard libraries.