ns-rewrite-heavy

Warn

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script using the command python skills/ns-draft/scripts/chapter_audit.py <chapter-file>. This execution of a shell command with a variable filename argument creates a potential surface for command injection if file paths are not properly sanitized.
  • [DATA_EXFILTRATION]: The skill reads several project-specific files including novel-studio/project.yaml, plan.yaml, memory.yaml, continuity.yaml, and style.yaml. While these files are necessary for the narrative task, accessing structured project data represents a form of data exposure of the user's intellectual property.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface.
      • Ingestion points: It processes untrusted chapter content and structured YAML project files.
      • Boundary markers: The instructions do not define delimiters to separate narrative data from instructions.
      • Capability inventory: The skill includes the capability to execute shell commands.
      • Sanitization: There is no mention of sanitizing input content or validating file paths before they are used in script execution.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 29, 2026, 06:47 AM