The Agent Skills Directory

[EXTERNAL_DOWNLOADS] (LOW): The skill documentation recommends installing the arxiv Python package from PyPI. While this is a standard package for this utility, it constitutes an external dependency.
[PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection because it processes and displays abstracts from the arXiv repository. An attacker could theoretically publish a paper with an abstract containing malicious instructions.
Ingestion points: Data returned from arXiv API (titles and summaries).
Boundary markers: None identified in documentation or script usage.
Capability inventory: Execution of local Python scripts via shell.
Sanitization: No explicit sanitization of API content mentioned.

arxiv-search