The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill retrieves academic content from public sources like ArXiv and general web searches to perform its research functions. This is consistent with its stated purpose of tracing paper lineages.
[DATA_EXFILTRATION]: No exfiltration patterns were found. The skill writes research notes to a local directory (~/Documents/notes/) for the user's benefit, without sending sensitive information to external servers.
[PROMPT_INJECTION]: The instructions are task-oriented and do not contain any attempts to bypass safety filters, extract system prompts, or override the agent's core instructions.
[COMMAND_EXECUTION]: Uses system commands for generating formatted timestamps and managing file names for note organization, which are benign operations in the context of file management.
[INDIRECT_PROMPT_INJECTION]: The skill processes untrusted external data (PDFs and web pages) and has the capability to write files to the local system. While this presents a standard attack surface for indirect prompt injection, the specific instructions to extract structured academic data (authors, critiques, dates) minimize the likelihood of executing malicious instructions embedded in research papers.

ljg-paper-river