chinese-thesis-workbench

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Several scripts utilize subprocess.run() to perform core automation tasks. scripts/figures/render_mermaid.py executes the Mermaid CLI via npx, and scripts/screenshots/capture_thesis_screenshots.py runs Node.js scripts and npm commands for browser automation.
  • [EXTERNAL_DOWNLOADS]: The screenshot capture workflow involves running npm install and playwright install, which downloads packages and browser binaries from official public registries (npm). These are standard operations for the tool's stated functionality.
  • [PROMPT_INJECTION]: The skill processes untrusted external data, creating an attack surface for indirect prompt injection where instructions embedded in processed files could influence agent behavior.
      • Ingestion points: Untrusted data is ingested through PDF reference extraction (extract_pdf_references.py), Word document analysis (analyze_docx.py), and project evidence building (build_project_evidence.py).
      • Boundary markers: The skill uses structural instructions and delimiters within its templates (ai-prompts.md) and SKILL.md to help the agent differentiate between process instructions and data.
      • Capability inventory: The skill possesses capabilities for file system modification, command execution, and network access via Playwright.
      • Sanitization: The skill's instructions explicitly forbid the agent from inventing facts or leaking AI-workflow language into the generated thesis prose.
  • [DYNAMIC_EXECUTION]: Local project scripts such as scripts/workspace/init_thesis_workspace.py and scripts/review/count_chapter_words.py utilize importlib.util to dynamically load and execute functions from internal helper modules (e.g., init_workflow_logs.py and markdown_utils.py).
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 08:01 AM