The Agent Skills Directory

[PROMPT_INJECTION]: The skill is subject to indirect prompt injection due to its core function of analyzing untrusted research data.
Ingestion points: Processes external data from $ARGUMENTS and local project files including IDEA_REPORT.md, publications.md, and AUTO_REVIEW.md.
Boundary markers: The skill does not define explicit delimiters or 'ignore-previous-instructions' wrappers for ingested text.
Capability inventory: The agent has access to Bash(*), Write, and WebFetch, which could be exploited following a successful injection.
Sanitization: No specific text sanitization is described, although the use of '🚦 Checkpoint' prompts effectively mitigates risk by requiring human-in-the-loop verification before major tasks.
[EXTERNAL_DOWNLOADS]: Retrieves configuration and research landscape data from well-known academic services.
Evidence: Automatically queries the KAKEN database (kaken.nii.ac.jp) and NSF Award Search (nsf.gov) using WebSearch and WebFetch to verify research novelty and competition.

grant-proposal