The Agent Skills Directory

[PROMPT_INJECTION]: No evidence of behavior overrides, bypass markers, or role-play jailbreak attempts. The instructions focus on creative writing constraints and quality standards.
[DATA_EXPOSURE]: No hardcoded credentials or access to sensitive system paths were found. Filesystem operations are strictly limited to the current project directory for managing story files.
[DATA_EXFILTRATION]: No network operations (curl, wget, fetch) were detected. Data management is performed locally via MCP Memory and Filesystem tools.
[OBFUSCATION]: The content is provided in clear text with no use of Base64, zero-width characters, homoglyphs, or other encoding techniques intended to hide instructions.
[UNVERIFIABLE_DEPENDENCIES]: The skill includes a local Python utility script for word count analysis. This script uses only standard Python libraries and performs no remote execution or network calls.
[INDIRECT_PROMPT_INJECTION]: The skill ingests user-supplied story drafts. While this presents a theoretical attack surface, the skill includes 'Metadata Isolation Rules' (元数据隔离规则) to prevent technical tags and instructions from leaking into the creative output, reducing the risk of accidental instruction obedience.
[DYNAMIC_EXECUTION]: The skill features a 'self-improvement' module that allows the agent to suggest updates to its own prompt instructions based on user feedback. This process requires explicit user confirmation before any modifications are applied to local project files.

novel-writer