writer-context-pack

Pass

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides a Python script (scripts/run.py) for the agent to execute. Technical analysis of the script confirms it is limited to file I/O within the workspace and text processing using standard libraries. It does not utilize dangerous functions like eval, exec, or os.system to handle external data.
  • [DATA_EXPOSURE]: The skill interacts with project-specific files such as YAML and JSONL configurations within the user's workspace. It does not attempt to access sensitive system directories (e.g., /etc/, ~/.ssh/) or environment variables containing secrets.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external research data (excerpts and claims) that could potentially contain malicious instructions. It implements a 'hygiene' layer in run.py using extensive regular expressions to sanitize text by removing boilerplate and self-narration. While the output JSONL structure lacks explicit boundary markers for the processed text, the skill itself possesses no high-risk capabilities (e.g., network access) that would allow an attacker to exploit an injection.
  • [EXTERNAL_DOWNLOADS]: The skill does not perform any network operations. The SKILL.md explicitly defines the network requirement as 'none', and the associated Python script contains no network-capable code.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 15, 2026, 06:47 AM