nsfc-code

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill enforces a read-only policy on user input files through both configuration (forbidden_write_globs) and script logic. Intermediate files are isolated in a hidden workspace (.nsfc-code/) so the user's directory is not contaminated.
  • [COMMAND_EXECUTION]: The skill runs shell commands and uses the Python subprocess module for workflow management and validation. These calls target only local scripts at static paths and pass no unsanitized user input as command arguments.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because nsfc_code_rank.py ingests untrusted research proposal text. It mitigates this with boundary instructions in SKILL.md that explicitly tell the agent to treat the input as data and ignore any instructions embedded in it. No automated sanitization is applied to the input text, but the skill's capabilities are limited to local script execution and file writing, and the heuristic analysis treats the text purely as data and cannot execute it.
  • [DATA_EXFILTRATION]: An audit of all included scripts found no network operations, external API calls, or remote downloads. All proposal data and results stay on the local filesystem.
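The first finding describes two layers of write protection: a forbidden_write_globs deny-list for the user's input files and confinement of intermediate output to the hidden .nsfc-code/ workspace. The following write guard is an added illustration of how such a policy can be enforced in script logic; it is not the nsfc-code skill's own code, and the CONFIG values, the WriteDenied exception and the check_write / is_write_allowed names are assumptions. It also covers the edge case a deny-list alone misses: a path such as .nsfc-code/../proposals/x.docx that textually starts inside the workspace but resolves outside it.

```python
"""Write guard for an agent skill: deny writes to user input files and confine
intermediate files to a hidden workspace. Added example, not the nsfc-code
skill's code; CONFIG, WriteDenied, check_write and is_write_allowed are assumed names."""
import fnmatch
from pathlib import Path

# Assumed configuration shape with hypothetical values (not the skill's real file).
CONFIG = {
    "forbidden_write_globs": ["*.docx", "*.pdf", "proposals/*"],
    "workspace_dir": ".nsfc-code",
}


class WriteDenied(PermissionError):
    """Raised when a requested write would violate the read-only policy."""


def check_write(root: str, target: str, config: dict = CONFIG) -> Path:
    """Return the resolved path if `target` may be written, else raise WriteDenied.

    `target` is interpreted relative to `root`, the directory holding the
    user's proposal files. Three independent checks are applied in order.
    """
    root_path = Path(root).resolve()
    candidate = Path(target)
    if not candidate.is_absolute():
        candidate = root_path / candidate
    # Resolve '..' and symlinks before comparing, so ".nsfc-code/../x" is
    # judged by where it really lands, not by its textual prefix.
    resolved = candidate.resolve()

    # 1. The write must stay inside the project root at all.
    try:
        rel = resolved.relative_to(root_path)
    except ValueError:
        raise WriteDenied(f"{target!r} escapes the project root") from None
    rel_posix = rel.as_posix()

    # 2. Intermediate files may only live in the hidden workspace.
    workspace = config["workspace_dir"]
    if not rel.parts or rel.parts[0] != workspace:
        raise WriteDenied(f"{target!r} is outside the {workspace}/ workspace")

    # 3. Nothing matching a forbidden glob is ever written, even inside the
    #    workspace: defence in depth so a proposal copy cannot be overwritten.
    for pattern in config["forbidden_write_globs"]:
        if fnmatch.fnmatch(rel_posix, pattern) or fnmatch.fnmatch(rel.name, pattern):
            raise WriteDenied(
                f"{target!r} matches forbidden_write_globs entry {pattern!r}"
            )
    return resolved


def is_write_allowed(root: str, target: str, config: dict = CONFIG) -> bool:
    """Boolean convenience wrapper around check_write."""
    try:
        check_write(root, target, config)
        return True
    except WriteDenied:
        return False


if __name__ == "__main__":
    # Constructed sample write requests: only the first should be allowed.
    for t in [
        ".nsfc-code/codes.json",
        "proposals/p1.docx",
        ".nsfc-code/../proposals/p1.docx",
        "../outside.json",
        ".nsfc-code/copy.docx",
    ]:
        verdict = "allowed" if is_write_allowed("/tmp/proj", t) else "denied"
        print(f"{t:40s} -> {verdict}")
```

The order of the checks matters: resolving the path first means the workspace and glob rules operate on the real destination, and the glob rule is still applied inside the workspace so a misconfigured or hostile intermediate filename cannot recreate a proposal-like file there.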
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 01:25 AM