claude-scientific-skills
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Finding categories: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The README.md instructs users to install prerequisites, the Claude Code CLI and the uv package manager, with installer scripts fetched from claude.ai and astral.sh. The commands use the piped-to-shell pattern (the fetched script is executed as it is downloaded), but the scripts originate from established technology providers. A reader who wants to review an installer before it runs can save it to a file first and execute that file.
- [COMMAND_EXECUTION]: Several Python scripts in the document-processing and literature-review components call subprocess.run() to invoke system utilities such as pandoc, soffice (LibreOffice), and pdftoppm. Each call is scoped to a specific document-conversion task and appears to follow standard practice for subprocess invocation.
- [COMMAND_EXECUTION]: The resource detection script (detect_resources.py) runs hardware diagnostics such as nvidia-smi and rocm-smi to identify the accelerators available on the host. These calls are diagnostic in nature and consistent with tuning the agent's workload to the machine it runs on.
- [PROMPT_INJECTION]: The skill is designed to ingest and process large volumes of research data from external databases and academic literature. This creates a surface for indirect prompt injection (instructions embedded in retrieved documents), but that exposure is inherent to a research-oriented agent, and no malicious patterns were found in the skill's instructions or logic.
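The two COMMAND_EXECUTION findings above concern scripts that invoke pandoc, pdftoppm and GPU diagnostics through subprocess.run(). The block below is an added example, not code from claude-scientific-skills, of the invocation hygiene a reviewer checks for in such scripts: a fixed argument list with no shell, absolute paths so that a caller-supplied file name beginning with "-" can never be parsed as an option, an input-type allowlist, a timeout, and a diagnostic probe that reports a missing tool as absent instead of aborting. The function names (run_tool, pandoc_argv, pdftoppm_argv, detect_gpus), the injectable runner, and the rocm-smi flag are assumptions made for this example.

```python
"""Added example: hardened subprocess invocation for document conversion and
hardware probing. Not code from claude-scientific-skills; the function names
and the rocm-smi flag are assumptions made for this example."""
import os
import shutil
import subprocess
from typing import Callable, Sequence

# Input types the converter is willing to hand to pandoc (allowlist).
ALLOWED_INPUT_SUFFIXES = {".md", ".docx", ".html", ".tex", ".rst"}


def _safe_path(path: str) -> str:
    """Return an absolute path. A caller-supplied name such as
    '--lua-filter=evil.md' or '-o' then starts with the filesystem root,
    so the tool can only parse it as a file, never as an option."""
    return os.path.abspath(path)


def run_tool(argv: Sequence[str], *, timeout: float = 120.0,
             runner: Callable = subprocess.run):
    """Run a fixed argument vector: no shell (metacharacters in file names
    are not interpreted), a timeout, stdin closed, output captured, and a
    non-zero exit raised as CalledProcessError. `runner` is injectable so
    the behaviour can be exercised without the tools installed."""
    if not argv:
        raise ValueError("empty argv")
    return runner(list(argv), shell=False, check=True, capture_output=True,
                  text=True, timeout=timeout, stdin=subprocess.DEVNULL)


def pandoc_argv(src: str, dst: str) -> list:
    """Build `pandoc <src> -o <dst>` for an allowlisted input type."""
    suffix = os.path.splitext(src)[1].lower()
    if suffix not in ALLOWED_INPUT_SUFFIXES:
        raise ValueError(f"refusing to convert {src!r}: {suffix!r} not allowed")
    return ["pandoc", _safe_path(src), "-o", _safe_path(dst)]


def pdftoppm_argv(pdf: str, out_prefix: str, dpi: int = 150) -> list:
    """Build `pdftoppm -r <dpi> -png <pdf> <prefix>`; dpi is range-checked
    because it is the only caller-controlled numeric option."""
    if not 36 <= int(dpi) <= 600:
        raise ValueError(f"dpi out of range: {dpi}")
    if os.path.splitext(pdf)[1].lower() != ".pdf":
        raise ValueError(f"not a PDF: {pdf!r}")
    return ["pdftoppm", "-r", str(int(dpi)), "-png",
            _safe_path(pdf), _safe_path(out_prefix)]


# Fixed probe commands; nothing in them comes from user input.
GPU_PROBES = {
    "nvidia": ["nvidia-smi", "--query-gpu=name,memory.total",
               "--format=csv,noheader"],
    "amd": ["rocm-smi", "--showproductname"],  # flag assumed for this example
}


def detect_gpus(which: Callable = shutil.which,
                runner: Callable = subprocess.run) -> dict:
    """Probe each vendor tool. A missing binary, a non-zero exit or a hang
    yields None for that vendor rather than aborting resource detection."""
    found = {}
    for vendor, argv in GPU_PROBES.items():
        exe = which(argv[0])
        if exe is None:
            found[vendor] = None
            continue
        try:
            cp = run_tool([exe, *argv[1:]], timeout=10.0, runner=runner)
            found[vendor] = cp.stdout.strip() or None
        except (subprocess.CalledProcessError, subprocess.TimeoutExpired,
                OSError):
            found[vendor] = None
    return found


if __name__ == "__main__":
    # Hostile-looking names end up as plain path arguments, never as
    # options or shell commands.
    print(pandoc_argv("--lua-filter=evil.md", "out.pdf"))
    print(pandoc_argv("notes; rm -rf ~ .md", "out.pdf"))
    print(detect_gpus())
```

The point of the injectable `runner` and `which` is reviewability: a reader can confirm, without pandoc or a GPU present, that every invocation passes `shell=False`, a timeout and a fixed argv, and that a file name crafted to look like an option reaches the tool as an absolute path.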
Audit Metadata