research-coordinator

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because its primary purpose is processing untrusted external data, including interview transcripts (/interviews/), research papers (via lit-search), and reviewer feedback (revision/feedback.md).
      • Ingestion points: Data enters the agent context through the file system, specifically in the project's data and literature directories.
      • Boundary markers: The skill-dispatch templates use clearly defined headers (e.g., 'PROJECT CONTEXT', 'INPUTS') to delimit instructions from data, providing structural separation.
      • Capability inventory: The orchestrator utilizes external tools including grep, R, Stata, and local Python scripts (rag.py) to perform its research tasks.
      • Sanitization: No explicit sanitization or escaping of the processed research data is documented in the prompt instructions.
  • [COMMAND_EXECUTION]: The skill instructions reference the use of command-line tools such as grep and environment-specific software like R and Stata for data analysis. These are standard tools for the described research tasks and are invoked in the context of the agent's expected research capabilities.
  • [DATA_EXPOSURE]: The skill manages project state and progress through local YAML files (project.yaml, progress.yaml, project-state.md). It reads and writes research artifacts to local directories. This access is consistent with its role as a research coordinator and does not involve exfiltration to external domains.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 7, 2026, 09:35 PM