figure-spec

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE
Finding categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the allowed Bash tool to run a local Python-based renderer (tools/figure_renderer.py) and the rsvg-convert utility for PDF generation.
  • [PROMPT_INJECTION]: An indirect prompt injection surface exists as the skill ingests untrusted data from $ARGUMENTS and external project files such as PAPER_PLAN.md or NARRATIVE_REPORT.md to derive diagram goals. Ingestion points: $ARGUMENTS and referenced markdown files. Boundary markers: None identified in the prompt logic. Capability inventory: Bash command execution, file system writes, and external model review calls. Sanitization: The skill performs schema validation via a dedicated validate command, which ensures structural integrity of the generated JSON but does not sanitize malicious natural language intent within the input data.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 06:06 PM
Security Audit — agent-trust-hub — figure-spec