scientific-critical-thinking

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/generate_schematic.py uses subprocess.run() to execute a secondary script (generate_schematic_ai.py) located within the same directory. This execution is used for internal coordination and relies on standard Python subprocess handling.
  • [EXTERNAL_DOWNLOADS]: The schematic generation functionality makes network requests to the OpenRouter API (openrouter.ai) using the requests library. This is the intended behavior for utilizing remote AI models to generate and critique images.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection within the schematic generation workflow.
    1. Ingestion points: User-provided diagram descriptions are passed as CLI arguments to scripts/generate_schematic.py and subsequently interpolated into a prompt for a remote LLM.
    2. Boundary markers: The prompt template in scripts/generate_schematic_ai.py uses basic text labels (e.g., 'USER REQUEST:') but lacks robust isolation or delimiters to prevent the model from following instructions embedded within the user's description.
    3. Capability inventory: Across its scripts, the skill can execute local Python processes via subprocess.run, perform network POST requests, and write generated image data and logs to the local filesystem.
    4. Sanitization: No validation or sanitization is performed on the user-supplied string before it is sent to the remote AI service.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 14, 2026, 09:23 AM
Security Audit — agent-trust-hub — scientific-critical-thinking