chinese-novelist
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Finding categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to execute a bundled Python utility script ('scripts/check_chapter_wordcount.py') to verify that generated content meets specific word count requirements. This is a local operation performed on the agent's machine using provided source code.
- [PROMPT_INJECTION]: The skill architecture ingests untrusted user input (story themes, character profiles, and plot summaries) and persists this data in local project files (e.g., '00-大纲.md'). This data is subsequently read back into the agent's context to guide the generation of subsequent chapters, creating an attack surface for indirect prompt injection.
  - Ingestion points: User-provided narrative parameters collected in Stage 1 and stored in the project directory.
  - Boundary markers: Absent in the templates used to store and retrieve user-controlled narrative data.
  - Capability inventory: Local script execution ('check_chapter_wordcount.py') and extensive file system read/write access.
  - Sanitization: No explicit sanitization or filtering of user-supplied story content is performed before it is re-ingested into the prompt context.
Audit Metadata