The Agent Skills Directory

[SAFE]: The skill uses natural language instructions to guide the agent through content creation. It accesses specific configuration files within the user's home directory (~/.goose-skills/) to resolve voice settings, which is standard behavior for this vendor's tools.
[COMMAND_EXECUTION]: The skill instructs the agent to save generated content as markdown files on the local filesystem. This activity is restricted to the skill's stated purpose of content management and does not involve the execution of arbitrary or dangerous system commands.
[PROMPT_INJECTION]: The skill ingests untrusted data from the user brief and external voice guide files, creating an indirect prompt injection surface. The risk is assessed as safe because the agent's role is limited to drafting text for user review, and it does not have access to high-privilege tools or sensitive network operations. 1. Ingestion points: The --brief flag and user-provided voice guide files. 2. Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the instructions. 3. Capability inventory: The agent is permitted to write markdown files to the local disk. 4. Sanitization: The skill includes a 'Phase 4' self-check to validate variants against banned phrases and quality standards.

create-x-content