The Agent Skills Directory

[PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. It ingests untrusted data from chapter drafts and user inputs to perform state updates and direct sub-agents. Ingestion points: Reads chapter content from the chapters/ directory and processes user-supplied instructions. Boundary markers: Implements Named Context Bundles and a hierarchical progressive disclosure model to isolate information types. Capability inventory: Authorized to write to project state files such as INDEX.md and CURRENT_STATE.md and to invoke multiple sub-agents. Sanitization: Employs a contract-first coordination approach using formal YAML schemas (e.g., ArtifactResult, ChangeSet) to validate sub-agent outputs before write operations.
[COMMAND_EXECUTION]: The skill's documentation references an external maintenance script (scripts/sync_novel_skills.py). Although this script is part of the vendor's documentation management infrastructure and is not explicitly invoked by the agent during runtime, it is identified as an external executable dependency within the skill's distributed file structure.

novel-orchestrator-main