literature-review

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes external system commands using subprocess.run in scripts/generate_pdf.py and scripts/generate_schematic.py. These calls are used to invoke pandoc for document conversion and a local Python script for schematic generation. The commands are constructed using lists rather than shell strings, which prevents shell injection, and are necessary for the skill's core functionality.
  • [EXTERNAL_DOWNLOADS]: The scripts/verify_citations.py and scripts/generate_schematic_ai.py scripts perform outgoing network requests to well-known and reputable services, including doi.org, api.crossref.org, and openrouter.ai. These requests are used to fetch publication metadata and interact with LLM services for diagram creation. These interactions are documented neutrally as they involve established scientific and technology service providers.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it processes external, untrusted content from academic databases. (1) Ingestion points: Data enters the agent context through scripts/search_databases.py (processing JSON search results) and scripts/verify_citations.py (retrieving metadata from the CrossRef API). (2) Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore potentially malicious directions embedded in the retrieved paper abstracts or titles. (3) Capability inventory: The agent has access to the Bash tool and scripts that execute sub-processes (scripts/generate_pdf.py, scripts/generate_schematic.py). (4) Sanitization: The skill does not implement specific sanitization or filtering of the text content retrieved from external databases before it is synthesized into the final review documents.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 14, 2026, 11:55 AM