academic-plotting

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE, COMMAND_EXECUTION
Full Analysis
  • [SAFE]: All identified dependencies including matplotlib, seaborn, numpy, and google-genai are standard, reputable libraries for data science and AI. No malicious or suspicious external dependencies were found in the skill manifest or references.
  • [COMMAND_EXECUTION]: The skill facilitates the generation and execution of local Python plotting scripts (e.g., gen_fig_name.py). This is the core functionality of the skill and is implemented through clear templates that promote secure practices like sourcing API keys from the environment.
  • [SAFE]: Sensitive configuration for the Gemini API is managed via the GEMINI_API_KEY environment variable, avoiding hardcoded secrets and ensuring credentials are not exposed in generated code or instructions.
  • [PROMPT_INJECTION]: Analyzed the skill for indirect prompt injection surfaces as it processes user-provided research context and paper drafts. The risk is assessed as safe given the specific use case and structured prompt architecture for extraction. Ingestion points: research descriptions and results data. Boundary markers: absent. Capability inventory: Python script execution and LLM prompt generation. Sanitization: absent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 10:12 AM