humanize-en

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the authorized Bash tool to execute a bundled Python script (prescan.py) for deterministic pattern scanning. It also contains logic to locate and execute an extract_rules.py script from a related vendor skill (brand-voice) if the user provides a brand-voice document. These executions are restricted to local paths within the skill's installation directory or standard user skill directories.
  • [DATA_EXFILTRATION]: The skill accesses local files provided as arguments to perform its core humanization task. It mitigates the risk of accidental data exposure or corruption by filtering files based on prose-specific extensions (e.g., .md, .txt, .rst) and requiring explicit user approval via the Edit tool before any modifications are committed.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes and transforms untrusted prose. It implements a masking mechanism (mask_protected_regions) to ensure that non-prose elements like fenced code blocks, YAML frontmatter, and URLs are ignored during analysis, reducing the impact of potential injection attacks embedded in the text.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 10, 2026, 10:24 AM