The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses the Bash tool to execute local scripts and utilities including tools/figure_renderer.py for rendering/validation, rsvg-convert for PDF conversion, and tools/save_trace.sh for logging. These operations are restricted to the local environment and are standard for the skill's stated purpose.
[DATA_EXFILTRATION]: The skill documentation explicitly states that it runs fully locally without external API calls or network requirements, which mitigates risks of unauthorized data transmission.
[INDIRECT_PROMPT_INJECTION]: The skill processes user input and project files (e.g., PAPER_PLAN.md) to generate diagram specifications. It mitigates injection risks through a documented validation process: 1) Ingestion points: $ARGUMENTS and local project documents; 2) Boundary markers: JSON schema validation is enforced; 3) Capability inventory: Bash(*), Read, Write, and Edit permissions are used for local processing and file management; 4) Sanitization: Input is validated against a schema via the figure_renderer.py validate command prior to rendering.

figure-spec