essay-pipeline

Warn

Audited by Socket on Feb 21, 2026

1 alert found:

Anomaly (LOW)
SKILL.md

[Skill Scanner] Skill instructions include directives to hide actions from user

All findings:
[HIGH] autonomy_abuse: Skill instructions include directives to hide actions from user (BH009) [AITech 13.3]
[HIGH] skill_discovery_abuse: System prompt extraction attempt (SD002) [AITech 4.3]

No malicious code patterns detected in this skill file. The design is coherent with its stated purpose. Main security concerns are operational: persistent storage of user-provided essay content in /tmp and explicit forwarding of content to fact-checker/voice-matcher sub-agents (a trust boundary). Recommend documenting data handling and retention policies, ensuring /tmp is appropriately permissioned or using a configurable secure storage location, and auditing the delegated sub-agents to confirm they do not exfiltrate data.

LLM verification: The essay-pipeline skill is functionally coherent and aligned with its stated purpose: orchestrating interactive essay-writing while delegating fact-checking and voice-matching to Task sub-agents. I did not find explicit malicious code patterns (no downloads, no remote executables, no hardcoded credentials). However, there are moderate supply-chain/privacy risks: the skill batches user claims and draft text and sends them to Task tools (essay-fact-checker, essay-voice-matcher) whose implementati

Confidence: 80%
Severity: 50%

Audit Metadata
Analyzed At: Feb 21, 2026, 09:26 AM
Package URL: pkg:socket/skills-sh/dangeles%2Fclaude%2Fessay-pipeline%2F@89569569b11ac674d3b76e5b955eceb5e66e9cf2