content-research-writer

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill functions as an instructional guide for writing and research assistance. It does not contain obfuscated code, data exfiltration logic, or unauthorized privilege escalation attempts.
  • [COMMAND_EXECUTION]: The skill suggests using common shell commands such as mkdir, cd, and touch to organize local writing projects. These operations are benign and restricted to the user's local file system for organizational purposes.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes external research data from the web.
      1. Ingestion points: Untrusted data enters the agent context through web search results during the research phase (SKILL.md, Section 3).
      2. Boundary markers: Absent; the instructions do not specify delimiters to isolate research content from instructions.
      3. Capability inventory: The agent can perform file writes and general tasks.
      4. Sanitization: No validation or filtering of external research content is specified.
    This is identified as a low-risk attack surface inherent to the skill's research functionality.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 16, 2026, 11:09 AM