researchclaw

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFE
Flagged categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses Bash to perform environment checks, manage dependencies via pip/git, and control the pipeline lifecycle.
  • [EXTERNAL_DOWNLOADS]: Installs the researchclaw package from PyPI and provides instructions to clone the project repository from GitHub (github.com/aiming-lab/AutoResearchClaw). These sources are not on the internal trusted list but represent the upstream components for this skill.
  • [REMOTE_CODE_EXECUTION]: A central feature of the pipeline involves generating Python experiment code (Stage 10) and executing it (Stage 12). While human-approval gates are provided, the skill also supports an --auto-approve flag to skip these checks, which increases the risk when executing code derived from external inputs.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface due to its data processing model.
    - Ingestion points: stage-3 (LITERATURE_SEARCH) fetches external papers from arXiv and Semantic Scholar APIs.
    - Boundary markers: The skill documentation does not specify the use of delimiters or safety instructions when processing retrieved literature.
    - Capability inventory: The agent has extensive shell access (Bash), code execution (Python/Docker), and file system permissions.
    - Sanitization: No explicit sanitization or validation of the ingested research content is defined in the skill logic.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 25, 2026, 03:42 AM