autoresearch-setup

Status: Warn

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill instructions in templates/program.md explicitly command the agent to "NEVER STOP" and "LOOP FOREVER." It directs the agent to bypass human-in-the-loop safety protocols by stating it should "not pause to ask the human whether to continue between batches" and continue operating "indefinitely until manually stopped." This constitutes a deliberate override of standard AI agent safety constraints.
  • [COMMAND_EXECUTION]: The templates/launcher.py file uses subprocess.Popen to execute shell commands. It supports running local Python processes and submitting jobs to a Slurm cluster via sbatch. The Sbatch class dynamically generates bash scripts containing environment variables and execution logic before running them via the shell.
  • [REMOTE_CODE_EXECUTION]: The skill facilitates the execution of agent-generated code. The templates/launcher.py script dynamically imports Python modules created by the agent (train_k.py) and executes them using importlib.import_module and subprocess. This enables a high-capability surface where the agent runs arbitrary code it has authored.
  • [PROMPT_INJECTION]: The orchestrator agent relies on findings.md for context, a file that is progressively updated with data and summaries from autonomous subagent runs. This creates a surface for indirect prompt injection where experimental data or subagent outputs could influence the orchestrator's future logic and hypotheses.
    • Ingestion points: findings.md (read by the orchestrator as described in templates/program.md under "Setup" and "The experiment loop").
    • Boundary markers: Absent; the file is a standard markdown log.
    • Capability inventory: Shell command execution and dynamic module loading capabilities are present in templates/launcher.py.
    • Sanitization: Absent; the orchestrator processes the markdown file without validation or sanitization of the embedded text.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Jun 17, 2026, 10:00 PM
Security Audit — agent-trust-hub — autoresearch-setup