The Agent Skills Directory

Prompt Injection (SAFE): No attempts to override system instructions or bypass safety filters were detected. The content is strictly limited to academic writing guidelines.\n- Data Exposure & Exfiltration (SAFE): No sensitive file paths, hardcoded credentials, or network transmission commands (curl, wget) are present. The skill processes user-provided drafts locally.\n- Obfuscation (SAFE): The files consist of clear-text Markdown and LaTeX examples. No Base64, zero-width characters, or hex encoding were found.\n- Remote Code Execution (SAFE): There are no package installations or remote script executions. The skill references a local markdown file for prompts.\n- Indirect Prompt Injection (LOW): The skill identifies user-provided paper drafts and literature notes as input. While these are untrusted data sources, the skill lacks any dangerous tools (file-write, network-access, or subprocess-execution) that an attacker could leverage. Standard academic use-case findings.\n- Persistence & Privilege Escalation (SAFE): No commands were found that modify system startup, shell profiles, or request elevated permissions (sudo).

related-work-writing