init-paper-book

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Risk. The skill reads external, potentially untrusted content from LaTeX source files (.tex), bibliography files (.bib), and project documentation (README.md, CLAUDE.md) to generate companion book chapters.
      • Ingestion points: The agent reads content from paper source files and project documentation in Phase 1 and Phase 3 to draft substantive prose.
      • Boundary markers: No explicit delimiters or "ignore embedded instructions" warnings are provided to separate the source data from the agent's internal instructions.
      • Capability inventory: The agent is granted extensive capabilities, including Bash, Write, Edit, and the ability to manage system services via launchctl.
      • Sanitization: There is no evidence of filtering or escaping of content ingested from the paper source files before it is processed by the agent or written to the vault.
  • [COMMAND_EXECUTION]: Local System and Service Management. The skill performs several shell-based operations on the local machine.
      • File System Operations: Uses Bash to create directories, copy bibliography and figure files, and manipulate file extensions.
      • Image Conversion: Executes pdftoppm to convert PDF figures to PNG format.
      • Service Management: Uses launchctl to stop and start a local service (com.user.atlas).
      • Script Execution: Runs a local Python script located at ~/Task-Management/.scripts/update_atlas_book_url.py.
      • Network Verification: Performs a curl request against localhost:8770 to verify that the local service is running correctly.
Audit Metadata
Risk Level: SAFE
Analyzed: May 13, 2026, 03:37 AM