The Agent Skills Directory

[SAFE] (SAFE): The skill is a well-structured tool for medical writing guidance. The provided Python source code (scan-manuscript.py and the scanner package) follows standard practices for a CLI linter.
The scanner performs text analysis using regular expressions defined in scanner/patterns.py and scanner/tokenizer.py.
File system access is limited to reading the manuscript file provided by the user for scanning.
No network-related modules (e.g., socket, requests, urllib) are used, ensuring no data exfiltration occurs.
No dynamic code execution (e.g., eval, exec) or subprocess spawning was found in the analysis.
[Indirect Prompt Injection] (SAFE): The skill has a theoretical surface for indirect prompt injection that is non-exploitable.
Ingestion points: The scan-manuscript.py script ingests untrusted text from user-provided files (Line 124).
Boundary markers: Uses regex-based header detection in scanner/detector.py to identify sections, but no explicit security delimiters are used.
Capability inventory: Across all 15 files, there are no capabilities for network access, file writing, or command execution.
Sanitization: Input text is processed as strings and reflected in reports as snippets without sanitization. However, due to the lack of dangerous 'sinks' (actions the agent could take), the risk is negligible.
[Unverifiable Dependencies] (SAFE): Although implementation files for specific checks (e.g., checks_tier_a.py) are missing from the provided 15-file archive, the framework and available source code are transparent and focus solely on textual analysis.

manuscript