The Agent Skills Directory

[COMMAND_EXECUTION]: The script scripts/launch_paperspine_ui.sh is vulnerable to shell command injection. It constructs a command string by interpolating the OUTPUT_DIR variable (taken from user input) into a string that is subsequently executed via bash -c, gnome-terminal, or osascript. If the directory name provided contains shell special characters or command substitutions (e.g., $(...)), they will be executed in the context of the terminal.
[COMMAND_EXECUTION]: Instructions in SKILL.md and references/interactive-intake.md advise the user or agent to run PowerShell commands using the -ExecutionPolicy Bypass flag. This bypasses system-level security controls designed to prevent the execution of potentially malicious or unsigned scripts.
[COMMAND_EXECUTION]: The file scripts/intake_wizard.py uses the os.system() function to manage console settings and clear the screen. While the specific commands executed in this skill (cls, clear, chcp) are hardcoded and benign, the use of os.system() is a legacy practice that is generally less secure than using the subprocess module for interacting with the operating system.

paper-spine-intake