The Agent Skills Directory

[COMMAND_EXECUTION]: The skill instructs the agent to execute a local Python script located at /home/weizhena/.codex/skills/research/validate_json.py to validate output files. While this is a vendor-owned resource, it is executed with arguments derived from external configuration files.
[INDIRECT_PROMPT_INJECTION]: The skill ingests research items and configuration parameters from an external outline.yaml file to drive sub-agent tasks.
Ingestion points: The skill reads */outline.yaml to retrieve variables like {topic}, {item_name}, and {output_dir}.
Boundary markers: The prompt template uses triple quotes to delimit the task description but lacks explicit instructions to ignore embedded commands within the research items.
Capability inventory: The skill has the capability to execute shell commands (python script execution) and perform web searches via a background agent.
Sanitization: While the skill performs slugification on item names, other fields like {fields_path} and {output_path} are constructed from YAML input without explicit validation, potentially allowing for argument injection if the configuration file is compromised.

research-deep