chinese-novelist
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill executes a local script scripts/check_chapter_wordcount.py (referenced in SKILL.md). This script takes the novel name as part of its argument, which is a user-controlled value, potentially leading to command injection if not properly escaped by the agent.
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface detected (Category 8).
  1. Ingestion points: User input for novel name, genre, character settings, and conflict enter the agent context in SKILL.md.
  2. Boundary markers: Absent.
  3. Capability inventory: Execution of local Python scripts and extensive file system write operations (SKILL.md).
  4. Sanitization: Absent. No explicit validation or escaping of user-provided titles or descriptions is mentioned.
  This creates a surface where malicious user input could influence shell command construction or the narrative flow.
Audit Metadata