math-explainer

Warn

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes several powerful shell commands and system calls. The script scripts/setup_manim.sh uses sudo apt-get to install system-level software dependencies, requiring administrative access. The script scripts/check_env.py employs os.execv() to replace the current process with a Python interpreter from a virtual environment path. Furthermore, scripts/render.sh executes the Manim CLI tool to run animation scripts generated by the agent. Other scripts use subprocesses to call utilities like fc-match and node.
  • [EXTERNAL_DOWNLOADS]: The scripts/setup_manim.sh script installs various dependencies from remote sources, including official system package repositories (via brew or apt-get) and the Python Package Index (PyPI). These downloads are performed from well-known technology services and official software registries.
  • [PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection. User-supplied math concepts and parameters are used to generate storyboard markdown and Python animation scripts without explicit boundary markers or input sanitization. Because these generated scripts are subsequently executed on the local system, specially crafted malicious input could influence the logic of the generated code or execute unauthorized commands.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Jun 13, 2026, 03:45 AM