research-lit

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFE
Categories: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill processes untrusted data from external sources including arXiv abstracts, Semantic Scholar metadata, and web search results. A malicious paper abstract could contain instructions intended to influence the agent's behavior during the synthesis phase.
  • Ingestion points: WebSearch results, arXiv API results, Semantic Scholar API results, Exa search results, and local PDF content (SKILL.md).
  • Boundary markers: Absent. The instructions do not direct the agent to wrap external abstracts in delimiters or to disregard any instructions embedded in them.
  • Capability inventory: Bash (command execution), Write (file modification), mcp__obsidian-vault__* (vault access), WebFetch (network access).
  • Sanitization: Not present. Content from external APIs is used directly for analysis and synthesis.
  • [COMMAND_EXECUTION]: The skill uses shell scripts to locate and execute local Python helper scripts (e.g., arxiv_fetch.py, semantic_scholar_fetch.py). The user-supplied research topic is interpolated into these shell commands. While this pattern is standard across this author's skills, it is a potential surface for argument injection if the platform does not robustly escape the $ARGUMENTS variable.
  • [EXTERNAL_DOWNLOADS]: The skill fetches research metadata and optional PDFs from well-known academic services including arXiv, Semantic Scholar, and Exa. These operations are consistent with the skill's stated purpose and target established, reputable research infrastructure.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 2, 2026, 04:28 AM