presenting-conference-talks

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION, REMOTE_CODE_EXECUTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill requires the agent to execute shell commands like latexmk -pdf and python3 generate_slides.py to automate the slide generation workflow. This is a standard and expected behavior for a developer-oriented automation skill.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) because it processes untrusted research papers in PDF or LaTeX formats to extract slide content.
    ◦ Ingestion points: Research papers (PDF or LaTeX source) provided by the user.
    ◦ Boundary markers: Absent. The instructions do not define delimiters or provide specific guidance to the agent to ignore instructions embedded in the ingested documents.
    ◦ Capability inventory: The skill can read/write files and execute shell commands (latexmk, python3), which could be abused if malicious instructions in a paper are followed.
    ◦ Sanitization: No sanitization or validation of the extracted paper content is performed before processing.
  • [REMOTE_CODE_EXECUTION]: The skill employs dynamic script execution (Category 10) by generating a Python script (generate_slides.py) from an internal template and then executing it. While the code is sourced from the skill's own references, executing dynamically generated code is a significant capability.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 13, 2026, 08:18 PM