literature-parsing

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
Finding categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/literature_parsing.py script executes the mineru command-line utility via subprocess.run(). It passes arguments derived from user input, specifically file paths. While it uses a list for command arguments to avoid shell injection and resolves paths to absolute ones, it still represents the execution of an external binary with input from untrusted sources.
  • [PROMPT_INJECTION]: The skill processes untrusted PDF files and converts them into Markdown, which is subsequently interpreted by the agent. This presents a surface for indirect prompt injection where malicious instructions embedded in a PDF document could trigger unintended behaviors in the AI agent.
  • Ingestion points: External PDF documents provided via the input parameter in scripts/literature_parsing.py.
  • Boundary markers: None; the extracted content is provided to the agent without specific delimiters or isolation instructions.
  • Capability inventory: The skill can execute the mineru tool and perform file system operations (read, write, delete) via shutil and pathlib.
  • Sanitization: No sanitization or instruction-filtering is applied to the text content extracted from the PDFs before it is presented to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 30, 2026, 12:51 AM