The Agent Skills Directory

[INDIRECT_PROMPT_INJECTION]: The skill is designed to process untrusted external data, such as user-provided research papers and human reviewer comments from journals (Stages 2.5, 3, 4, and 4.5). This ingestion of external text into the agent's context presents a surface for indirect prompt injection attacks. However, the risk is mitigated by the skill's architecture.
Ingestion points: SKILL.md (Stage 3 REVIEW, Stage 2.5 INTEGRITY), agents/integrity_verification_agent.md (content analysis phases).
Boundary markers: The workflow mandates human-in-the-loop checkpoints after every stage, ensuring the user reviews and confirms outputs before the pipeline proceeds.
Capability inventory: The system can trigger document compilation via the tectonic and pandoc shell utilities.
Sanitization: The integrity_verification_agent.md specifies a 'Zero Tolerance' mandate and rigorous multi-phase verification protocols (Phase A-E) that cross-reference all claims and citations against external authoritative sources, which serves as a robust validation gate for ingested content.
[COMMAND_EXECUTION]: The skill utilizes the standard academic formatting utilities tectonic and pandoc to perform LaTeX to PDF compilation and document format conversion. These operations are essential to the skill's primary function of finalizing academic papers.
Evidence: Found in SKILL.md (Stage 5: FINALIZE, Stage 6: PROCESS SUMMARY) and agents/pipeline_orchestrator_agent.md.
Context: The usage is limited to established scientific tools and occurs within the intended finalization stages of the academic workflow.

academic-pipeline