diagram-gen

Warn

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill's generate_image tool for statistical plots is designed to automatically generate and execute Python code (using matplotlib and seaborn) at runtime based on generated descriptions.
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection. It ingests untrusted methodology text and figure captions from users which are used to generate visual descriptions and, subsequently, executable code. There is a lack of input sanitization or explicit boundary markers to prevent instructions within the methodology text from being interpreted by the LLM as commands.
  • Ingestion points: source_context and caption parameters in SKILL.md and associated prompt files.
  • Boundary markers: None. The system uses basic curly brace interpolation for untrusted content.
  • Capability inventory: The skill has the capability to generate and execute arbitrary Python code via the visualizer.txt prompt in the generate_image tool.
  • Sanitization: No filtering or validation of the input methodology text is performed before it is used in code-generation prompts.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 12, 2026, 10:22 PM