related-work-positioning-writer

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE · COMMAND_EXECUTION · PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is configured to use the Bash tool to interact with the project filesystem and manage LaTeX source files. The instructions guide the agent to locate paper roots, read directory structures using Glob, and perform edits on LaTeX files to integrate drafted prose. These operations are within the scope of a document writing assistant.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it processes untrusted data from academic project environments.
      • Ingestion points: The agent ingests data from external sources including LaTeX (.tex) files, BibTeX databases, and various project-specific markdown files located in the paper/ directory.
      • Boundary markers: The skill does not define specific delimiters or instructions to treat the content of these processed files as untrusted data, which could allow malicious instructions embedded in a paper's source or bibliography to influence agent behavior.
      • Capability inventory: The skill has access to powerful tools including Bash, Write, Edit, WebSearch, and WebFetch. If exploited via indirect injection, these could be used for unauthorized file modifications or data exfiltration.
      • Sanitization: There are no sanitization steps or validation routines specified for the content retrieved from the user's project files or BibTeX entries.
Audit Metadata
Risk Level: SAFE
Analyzed: May 5, 2026, 12:40 PM