The Agent Skills Directory

EXTERNAL_DOWNLOADS (HIGH): The documentation and scripts (SKILL.md, notebook_operations.py) instruct users to install the 'labarchives-py' package from an untrusted GitHub repository ('github.com/mcmero/labarchives-py'). This bypasses official package registries and introduces a high risk of remote code execution if the repository is compromised.
CREDENTIALS_UNSAFE (HIGH): The 'setup_config.py' script prompts for and saves institutional API passwords and user 'external application' passwords in a local 'config.yaml' file. Storing high-value research credentials in cleartext poses a significant data exposure risk.
Indirect Prompt Injection (HIGH): The skill handles untrusted external data with high-privilege capabilities. 1. Ingestion points: Fetches notebook content and metadata via the 'notebooks/notebook_backup' API (documented in api_reference.md). 2. Boundary markers: No delimiters or instructions are used to separate untrusted notebook content from agent instructions. 3. Capability inventory: The skill performs local file system writes ('notebook_operations.py', line 133) and is capable of creating/modifying notebook entries (SKILL.md, Section 4). 4. Sanitization: There is no evidence of sanitization or filtering of the HTML/XML content retrieved from the ELN API.
COMMAND_EXECUTION (MEDIUM): The skill facilitates the execution of local scripts ('setup_config.py', 'notebook_operations.py') that perform sensitive operations like credential management and data backup.

labarchive-integration