The Agent Skills Directory

[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8). Ingestion points: User-provided LaTeX (.tex) and BibTeX (.bib) files processed in scripts like nsfc_qc_precheck.py. Boundary markers: The thread prompt in run_parallel_qc.py provides task instructions and defines the RESULT.md structure. Capability inventory: The skill can execute local commands via subprocess.run (e.g., in nsfc_qc_run.py and nsfc_qc_compile.py) and write reports to the project directory. Sanitization: LaTeX comments are stripped before processing, but the natural language content is otherwise unvalidated.
[COMMAND_EXECUTION]: Several scripts, including nsfc_qc_run.py, run_parallel_qc.py, and nsfc_qc_compile.py, use subprocess.run to execute local shell commands. These commands are used to invoke other skill scripts, local TeX utilities (xelatex, bibtex), and PDF tools (pdfinfo, qpdf) for proposal analysis and compilation.
[EXTERNAL_DOWNLOADS]: The nsfc_qc_precheck.py script performs network operations to fetch metadata from Crossref, arXiv, and Unpaywall. It can also download PDFs from these services if the fetch_pdf option is enabled. These operations target well-known academic services for the purpose of verifying references within the proposal. The script also performs HTTP HEAD requests to verify the accessibility of user-provided URLs in BibTeX files.

nsfc-qc