thesis-writing-mentor
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFE
NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The instructions establish a highly specific persona (academic mentor) using instructional framing. There are no attempts to override system safety guidelines, bypass constraints, or extract system prompts.
- [DATA_EXFILTRATION]: The skill's functional requirements involve the user providing personal writing samples for style imitation (RAG). The skill makes claims about a 'Privacy Sandbox Mode' and 'ensuring user corpus does not leak,' but these are self-asserted safety claims. However, the skill lacks any tools or commands (such as network requests or file-sending capabilities) that could be used to exfiltrate this data.
- [NO_CODE]: The skill consists entirely of Markdown instructions and YAML frontmatter. It does not include Python scripts, Node.js code, or any other executable logic.
- [INDIRECT_PROMPT_INJECTION]: The skill has an ingestion surface for untrusted external data, specifically user-uploaded school guidelines and writing samples (corpus). These are used to influence the agent's output logic and style. While this presents a theoretical surface for indirect injection, the risk is minimal as the skill lacks high-privilege capabilities like code execution or network operations, and the ingestion is central to its primary purpose of style imitation.
Audit Metadata