scraping-skills

Pass

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: SAFE, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [SAFE]: The skill provides legitimate educational content for researchers, focusing on ethical practices like respecting robots.txt and implementing rate limiting. No malicious code or hidden exfiltration patterns were found.
  • [PROMPT_INJECTION]: An indirect prompt injection attack surface is present because the skill is designed to ingest content from untrusted external web sources. (1) Ingestion points: Data is fetched using requests, Playwright, and the scholarly library. (2) Boundary markers: The provided examples do not implement specific delimiters to isolate untrusted content from the agent's instructions. (3) Capability inventory: The skill demonstrates capabilities for file writing, network requests, and CLI tool execution. (4) Sanitization: The documentation mentions HTML stripping and basic text cleaning, though not specifically as a security measure against prompt injection.
  • [EXTERNAL_DOWNLOADS]: The guides detail downloading research data and configurations from well-known and reputable services such as Kaggle, Hugging Face, Zenodo, and various academic repositories. These operations include integrity checks such as SHA-256 verification and are standard for research workflows.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 18, 2026, 11:54 PM