novel-research
Warn
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [OBFUSCATION]: The file `scripts/lib/vendor/exifreader.js` is a large, minified JavaScript library. Minified code obscures the underlying logic and makes it difficult to verify its safety, particularly when it handles complex data encoding and dynamic property access. Static analysis flagged potential code execution patterns within this file (Base64 decoding), which is a significant concern as it prevents transparent review of the script's behavior.
- [INDIRECT_PROMPT_INJECTION]: The skill implements a character card import feature (`scripts/parse-charcard.mts`) that extracts metadata from user-provided image files (PNG/WebP). The instructions direct the agent to analyze and summarize this untrusted data to build character profiles. If an attacker provides a manipulated image with malicious instructions in its metadata, they could influence the agent's behavior during the novel-writing process, representing a clear indirect prompt injection surface.
- [COMMAND_EXECUTION]: The skill's workflow involves executing Node.js scripts (`validate-research-project.mts`, `parse-charcard.mts`) to validate the project's state. While these are presented as legitimate tools for the skill's intended purpose, the capability to execute local scripts with filesystem access is a powerful function that requires the user to trust the integrity of all provided script files.
Audit Metadata