The Agent Skills Directory

[PROMPT_INJECTION]: The skill scientify-idea-generation contains the explicit directive "Don't ask permission. Just do it.". This instruction attempts to override the agent's standard behavior of seeking user confirmation before performing potentially sensitive operations like executing shell commands or downloading files.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by processing external, untrusted content from research papers.
Ingestion points: Reading paper content and source files from ArXiv (arxiv.org) and the local workspace ($WORKSPACE/papers/).
Boundary markers: Not present. No delimiters or instructions are provided to the agent to disregard potential commands embedded within the processed literature.
Capability inventory: The agent is empowered to execute shell commands (git clone, curl, pip) which could be misdirected by instructions found in papers.
Sanitization: None. Data from external sources is processed without validation or filtering.
[EXTERNAL_DOWNLOADS]: The skill automates the retrieval of code and data from several well-known research and software platforms:
Clones the Parsifal SLR tool from its official GitHub repository.
Fetches scientific paper sources from ArXiv (arxiv.org).
Accesses research project metadata and files from the Open Science Framework (api.osf.io).
Installs the ASReview active learning package.
[COMMAND_EXECUTION]: The skill provides numerous shell commands for the agent to execute, including repository cloning (git clone), software installation (pip install), and automated file system management (mkdir, tar, cat).

methodology-skills