The Agent Skills Directory

[SAFE]: The skill focuses on academic document standardization and provides templates and scripts for citation management and style review. No malicious patterns were found across any of the analyzed files.
[PROMPT_INJECTION]: The skill processes untrusted data from external PDF files and project source code, creating an indirect prompt injection surface. However, this is consistent with its role as a research assistant.
Ingestion points: PDF files via scripts/extract_pdf_references.py and source code directories via scripts/build_project_evidence.py.
Boundary markers: None explicitly defined in the provided templates to isolate extracted text from instructions.
Capability inventory: File writing (logs and reports), execution of bundled Python scripts, and structured data generation.
Sanitization: Content extracted from PDFs or source code is used directly in drafting without explicit sanitization or filtering logic.
[COMMAND_EXECUTION]: The agent is instructed to run specific bundled Python scripts. These scripts perform deterministic tasks like file parsing, regex-based style analysis, and metadata extraction. No arbitrary command execution patterns derived from untrusted input were detected.
[EXTERNAL_DOWNLOADS]: The documentation mentions harvesting literature from scholarly APIs and downloading PDFs. The harvest scripts are missing from the analyzed bundle, but the described functionality targets legitimate academic sources for thesis support.

thesis-standardizer