NYC

treatment-plans

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
COMMAND_EXECUTION
Full Analysis
  • [Privilege Escalation] (SAFE): The documentation in assets/STYLING_QUICK_REFERENCE.md provides instructions for a human user to run sudo tlmgr to install LaTeX packages. This is a standard administrative task and is not executed autonomously by the agent code.
  • [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file access, or network operations were identified. The Python scripts perform local file operations for template copying and content validation only.
  • [Dynamic Execution] (SAFE): The provided Python scripts do not use dynamic code execution functions like eval() or exec(), nor do they spawn subprocesses. All logic is static and focused on string matching and file management.
  • [Indirect Prompt Injection] (LOW): The scripts/check_completeness.py script ingests user-provided .tex files for validation, which constitutes a data ingestion surface.
    • Ingestion points: The script reads file contents via the read_file function (line 156 in scripts/check_completeness.py).
    • Boundary markers: None are present to separate the analyzed text from potential embedded instructions.
    • Capability inventory: The skill has file system read/write capabilities but lacks network access or the ability to execute system commands.
    • Sanitization: The input is analyzed using regular expressions for pattern matching; the content is never interpreted as code or executable instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:59 PM