scientific-slides

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: A detailed security audit of the skill's 17 files (Python scripts, LaTeX templates, and extensive documentation) found no evidence of malicious intent, prompt injection, or data exfiltration.
  • [COMMAND_EXECUTION]: The skill utilizes subprocess.run to orchestrate internal scripts and to compile LaTeX documents using pdflatex. These calls are implemented safely using argument lists rather than shell strings, effectively preventing command injection vulnerabilities.
  • [EXTERNAL_DOWNLOADS]: The skill communicates with the well-known and legitimate OpenRouter API (openrouter.ai) to generate and review presentation slides. This network activity is central to the skill's purpose and is performed using standard Python libraries.
  • [CREDENTIALS_UNSAFE]: The skill follows security best practices for API key management. It instructs users to provide credentials through environment variables or local .env files and includes logic to load these securely, avoiding hardcoded secrets.
  • [REMOTE_CODE_EXECUTION]: No patterns of untrusted remote code execution were found. The skill relies on well-known, versioned Python packages from standard registries (e.g., PyMuPDF, Pillow, requests) for its core functionality.
Audit Metadata
Risk Level: SAFE
Analyzed: May 11, 2026, 02:49 PM