book-writer

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE (flags: COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [PROMPT_INJECTION]: The skill involves reading user-authored manuscript files (Chapters and Outlines) to update its internal memory bank. This represents an indirect prompt injection surface where a user (or an attacker providing content the user imports) could attempt to influence the agent's behavior. However, the skill provides explicit mitigations in 'references/book_memory_protocol.md', instructing the agent to treat these files strictly as narrative data and not as behavioral directives.
  • Ingestion points: Processes files within the Chapters/ and Outlines/ directories.
  • Boundary markers: Explicitly defined in the 'Content Boundary and Sanitization Rules' section of the memory protocol.
  • Capability inventory: File system read/write access and local script execution.
  • Sanitization: Instructions require the agent to summarize information rather than copy verbatim and to ignore any text resembling system commands.
  • [COMMAND_EXECUTION]: The skill provides and uses local scripts (.ps1, .sh, .bat) for book production tasks such as merging chapters and converting Markdown to DOCX. These scripts are shipped statically within the skill assets and perform legitimate file management and formatting operations, including the use of Microsoft Word COM objects for template generation. These actions are aligned with the skill's primary purpose and are scoped to the project workspace.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 21, 2026, 01:20 PM