scientify-write-review-paper

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes cat and ls on local directories to check project status and list files in the papers directory.
  • [PROMPT_INJECTION]: The instruction "Don't ask permission. Just do it." is included in the skill documentation, which is a pattern associated with attempts to bypass agent confirmation dialogs or user oversight.
  • [PROMPT_INJECTION]: The skill processes untrusted research papers from the filesystem, creating a surface for indirect prompt injection where malicious instructions embedded in a paper could influence agent behavior.
      • Ingestion points: Research papers located in $WORKSPACE/papers/.
      • Boundary markers: Absent; paper content is processed without explicit delimiters or instructions to ignore embedded commands.
      • Capability inventory: Command execution (cat, ls) and file system writing to $WORKSPACE/review/.
      • Sanitization: Absent; the skill does not specify any validation or filtering of external paper content.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 13, 2026, 04:35 AM