The Agent Skills Directory

[COMMAND_EXECUTION]: The skill instructions direct the agent to execute system commands including pdflatex, bibtex, grep, and rg to compile LaTeX documents and parse log files derived from user-provided content.
[REMOTE_CODE_EXECUTION]: The skill employs dynamic execution by instructing the agent to generate a Python script (convert_format.py) that incorporates content and logic parsed from untrusted external LaTeX files. Running this dynamically generated script on the host system creates a risk of arbitrary code execution if the input data is maliciously crafted to manipulate the script's behavior.
[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes untrusted academic papers and templates which may contain embedded instructions designed to influence the agent's behavior during the conversion process.
Ingestion points: Untrusted source .tex files and target template directories (SKILL.md).
Boundary markers: None identified; the skill does not specify the use of delimiters or instructions to ignore embedded commands within the ingested LaTeX content.
Capability inventory: Ability to generate and execute Python scripts, and perform shell command execution via pdflatex and bibtex (SKILL.md).
Sanitization: No evidence of sanitization or validation of LaTeX macros or commands before they are processed by the generated script or the system compiler.

latex-paper-conversion