The Agent Skills Directory

[SAFE]: The skill is composed of markdown instructions and templates. It does not contain any executable scripts, binaries, or commands that could compromise the system.\n- [PROMPT_INJECTION]: The skill contains an ingestion surface for untrusted data. Ingestion points: Processes user-provided outlines and rough drafts in SKILL.md. Boundary markers: Absent. Capability inventory: Limited to markdown and MDX generation. Sanitization: Absent. Assessment: The skill's role is restricted to technical writing, and the presence of strict style constraints (forbidden buzzwords) mitigates the risk of instructions being embedded in drafts, making the risk of indirect injection negligible.\n- [DATA_EXFILTRATION]: No unauthorized data access or external transmission found. The skill does not access sensitive files (like .aws or .ssh) or perform network requests via curl or wget.\n- [REMOTE_CODE_EXECUTION]: No remote code execution or external dependency patterns identified. The technical examples mentioned (e.g., langchain/vectorstores) are static markdown documentation and are not executed by the skill logic.

book-content-writer