find-journal

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill uses standard file system tools (Read, Write, Grep, Glob) for its stated purpose of managing and querying journal profile databases.
  • [SAFE]: Verified that all journal profile data and instructions are in plain text without any form of encoding or obfuscation.
  • [SAFE]: All external URLs were inspected and found to target official medical society and publisher domains such as JAMA Network, Elsevier, Springer Nature, NEJM, and The Lancet.
  • [SAFE]: The use of the user's home directory ($HOME/.claude/private-journal-profiles/) is a platform-specific convention for storing persistent user configurations and does not involve unauthorized data harvesting.
  • [SAFE]: Directory creation logic (submission/{journal_short}/) is confined to project-specific scaffolding for manuscript preparation, which aligns with the skill's primary function.
  • [SAFE]: Indirect prompt injection analysis:
    • Ingestion points: Untrusted data enters the agent context through user-provided abstracts and key findings (Phase 1).
    • Boundary markers: No explicit boundary markers or 'ignore' instructions for interpolated content are defined in the matching logic.
    • Capability inventory: The skill possesses Read, Write, Edit, Grep, and Glob capabilities across the skill and user directories.
    • Sanitization: Input is used primarily for theme extraction and scoring against static local markdown files; no command execution or dynamic code generation is performed on user input, making the injection surface benign.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 5, 2026, 12:29 PM