academic-paper
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: No evidence of commands accessing sensitive system paths (~/.ssh, ~/.aws, .env) or hardcoded credentials was found across the 44 analyzed files. Access to external URLs is restricted to academic databases (ERIC, Scopus, etc.) and research integrity services (Retraction Watch, Crossref).
- [COMMAND_EXECUTION]: The skill uses `tectonic` and `pandoc` for document processing. These are legitimate, industry-standard tools for LaTeX compilation and multi-format document conversion. Shell commands are used transparently within the documentation to guide the agent in generating user-requested outputs.
- [REMOTE_CODE_EXECUTION]: The `visualization_agent` generates Python (matplotlib/seaborn) and R (ggplot2) code for data visualization based on the paper's results. This code is delivered to the user as part of the output package. No patterns of executing arbitrary remote code or persistent backdoors were detected.
- [PROMPT_INJECTION]: The skill is heavily focused on academic standards and doctoral-level mentoring. There are no attempts to override agent safety filters or bypass system constraints. The interaction model is structured as a series of checkpoints and interactive configurations.
- [SAFE]: The skill processes untrusted external data, such as reviewer comments and literature summaries, which is an inherent surface for indirect prompt injection. However, the multi-agent orchestration and mandatory adherence to fixed academic templates (IMRaD, Case Study, etc.) provide structural boundaries that mitigate this risk.
Audit Metadata