academic-paper-reviewer
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-provided academic papers as untrusted data across all phases of the workflow (SKILL.md). While this represents a surface for indirect prompt injection, the risk is negligible as the skill lacks dangerous capabilities such as network access or shell execution.
  - Ingestion point: Manuscript input in Phase 0.
  - Boundary markers: None identified in templates.
  - Capability inventory: No command execution, file writes, or network tools detected.
  - Sanitization: None present.
- [DATA_EXFILTRATION]: No network-enabled tools (e.g., curl, wget) or data exfiltration patterns were detected. The skill does not attempt to access sensitive system files or credentials.
- [COMMAND_EXECUTION]: There is no evidence of shell command execution, subprocess spawning, or administrative privilege requests within the agent instructions or reference files.
- [CREDENTIALS_UNSAFE]: No hardcoded API keys, secrets, or private tokens were found. The skill adheres to safe practices by not requesting or storing sensitive credentials.
- [SAFE]: The skill's behavior is consistent with its stated purpose. It utilizes established academic standards (references/statistical_reporting_standards.md) and structured rubrics (references/quality_rubrics.md) to perform legitimate analysis without malicious behavioral overrides.
Audit Metadata