book-sft-pipeline

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documents the use of external packages and platforms such as epub2, beautifulsoup4, and the tinker SDK for model training. It also references well-known models from the Hugging Face hub (e.g., Qwen and Llama series).
  • [COMMAND_EXECUTION]: The documentation and examples include benign shell commands (e.g., grep) used for verifying that the model outputs are original and not directly memorized from the training data.
  • [DATA_EXFILTRATION]: No patterns of data exfiltration or hardcoded credentials were detected. The skill correctly instructs users to manage sensitive data like API keys via environment variables (e.g., TINKER_API_KEY).
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external text data (books). While this presents a surface for indirect prompt injection, the pipeline uses structured prompts and specialized agents (Phase 3: Instruction Agent) to mitigate risk, and the primary capability is generating training data rather than executing arbitrary code based on the book content.
  • [METADATA_POISONING]: A minor discrepancy exists between the Author field in the skill metadata (Muratcan Koylan) and the provided skill author context (hoangnb24), though this appears to be a documentation detail rather than a malicious attempt to deceive.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 14, 2026, 02:26 PM