The Agent Skills Directory

[SAFE]: The skill instructions define a legitimate process for writing assistance and do not contain any malicious patterns or unauthorized commands.\n- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface as it is instructed to read and learn from user-provided reference documents and material files. Evidence: 1. Ingestion points: '参考资料' (reference materials) and '素材文件' (material files) in SKILL.md; 2. Boundary markers: absent; 3. Capability inventory: internet search, sub-agent invocation, and file creation; 4. Sanitization: absent. This behavior is standard for a co-authoring tool and does not present a high risk in this context.\n- [DATA_EXFILTRATION]: No patterns for exfiltrating sensitive system data or credentials were found. Internet search is used exclusively for content enrichment and trend analysis related to the user's writing goals.\n- [REMOTE_CODE_EXECUTION]: The skill does not include any instructions for downloading external code, installing third-party packages, or executing shell scripts.

doc-coauthoring