paper2code
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary logic is focused on parsing research papers and generating citation-anchored code templates. No malicious instructions, obfuscation, or unauthorized data access patterns were identified.
- [PROMPT_INJECTION]: The skill processes untrusted external data (PDFs and web pages from arXiv and OpenReview). While this presents a surface for indirect prompt injection, the risk is mitigated by explicit guardrails (e.g., in `guardrails/hallucination_prevention.md` and `guardrails/scope_enforcement.md`) that instruct the agent to ignore prose and only implement details that are formally specified and cited. Boundary markers are used throughout the acquisition and audit stages to ensure data integrity.
- [EXTERNAL_DOWNLOADS]: The skill performs network requests to fetch research papers. These requests target established academic domains such as `arxiv.org` and `openreview.net`. These are well-known services and the data retrieved is used strictly for its intended purpose of code generation.
- [COMMAND_EXECUTION]: Shell commands are used within the skill to execute local helper scripts (`fetch_paper.py`, `extract_structure.py`) and to manage standard Python dependencies. No unsafe command injection or privilege escalation patterns were detected.
Audit Metadata