The Agent Skills Directory

[SAFE]: The skill operates as a structural editor for creative writing projects, focusing on normalizing facts into character arcs, world rules, and timelines. It uses rigid contract versions (e.g., 2026-03) and schemas to ensure consistent behavior.
[PROMPT_INJECTION]: Indirect Prompt Injection Risk Assessment: (1) Ingestion points: Untrusted text enters via the 'context_bundle' and 'source_scene_draft' fields. (2) Boundary markers: The skill does not use explicit delimiters to separate user data from instructions. (3) Capability inventory: Capabilities are limited to generating structured markdown patches (change sets) and artifacts; there is no evidence of network access or shell execution. (4) Sanitization: No sanitization of the input text is observed. The overall risk is low due to the lack of high-privilege capabilities.
[DATA_EXFILTRATION]: The skill does not perform any network operations (no curl, wget, or fetch calls) and does not access sensitive system files like credentials or SSH keys. It exclusively targets creative writing project files like WORLD.md and CHARACTERS.md.
[COMMAND_EXECUTION]: There is no use of unsafe execution patterns such as eval(), exec(), or subprocess spawning in the provided instruction files and schemas.

novel-bible-manager