nature-citation
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches bibliographic metadata from the Crossref REST API (api.crossref.org). Crossref is a well-known, authoritative service for scholarly metadata and its use is consistent with the skill's documented purpose.
- [COMMAND_EXECUTION]: The skill uses a local Python script (scripts/nature_citation.py) to perform searches and process exports. This script relies entirely on Python's standard library and demonstrates secure handling of network requests and file outputs.
- [DATA_EXFILTRATION]: Analysis of the skill's code and instructions found no evidence of sensitive data access or exfiltration. All network communication is directed to the Crossref API for fetching research metadata.
- [PROMPT_INJECTION]: The skill manages an indirect prompt injection surface where external metadata from search results is processed. This is handled safely through robust sanitization and instructional guardrails.
- Ingestion points: User-provided manuscript text and bibliographic metadata (titles, abstracts) from api.crossref.org enter the context via scripts/nature_citation.py.
- Boundary markers: The agent is instructed to mark all candidates as 'metadata-only' and use a conservative support scale to ensure manual verification.
- Capability inventory: The skill can perform network lookups on Crossref and write citation files and HTML visualization reports to the local file system.
- Sanitization: The script implements comprehensive escaping (html.escape and xml.sax.saxutils.escape) to sanitize external metadata before rendering it in reports and exports.
Audit Metadata