research-lookup

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
Finding categories: PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The SKILL.md file contains instructions that attempt to bypass the agent's autonomous decision-making by mandating specific actions. It states that 'Scientific schematics should be generated by default' and instructs the agent to 'always consider adding scientific diagrams', which functions as a behavioral override.
  • [PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection.
      ◦ Ingestion points: Untrusted data from web and academic sources is ingested via the lookup method in scripts/research_lookup.py through the Perplexity API.
      ◦ Boundary markers: Absent. The skill does not use delimiters or instructions to warn the agent about potential commands embedded in the search results.
      ◦ Capability inventory: The agent is granted Bash, Read, Write, and Edit permissions, which could be exploited if malicious content in a search result triggers an action.
      ◦ Sanitization: None. The raw text response from the external API is returned directly to the agent's context.
  • [EXTERNAL_DOWNLOADS]: Documentation in SKILL.md refers to an external scientific-schematics skill and a script named scripts/generate_schematic.py that are not included in the skill's file list. This creates a dependency on external or missing code that the agent is prompted to use.
  • [COMMAND_EXECUTION]: The skill provides and encourages the execution of specific command-line operations (e.g., python scripts/generate_schematic.py "description" -o figures/output.png) as a default behavior for document creation, which increases the execution surface of the skill.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 4, 2026, 03:38 AM