academic-paper-reviewer
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: Multiple agent files (e.g., agents/eic_agent.md, agents/devils_advocate_reviewer_agent.md) contain defensive clauses against prompt injection. These agents are instructed to treat content inside specific data delimiters (<phase1_output>) as read-only information and are explicitly told to ignore any imperative commands, such as 'ignore prior instructions', that might appear within those tags. This is a security best practice for multi-stage agents.
- [SAFE]: The skill mandates a 'READ-ONLY CONSTRAINT' (SKILL.md), which strictly prohibits agents from modifying the source manuscript. All outputs are produced as separate reports, ensuring the integrity of the user's local files.
- [SAFE]: No hardcoded credentials, sensitive file access, or network exfiltration patterns were detected. The skill's 'Calibration Mode' specifically uses a fresh context for each run and avoids cross-session persistence of user data.
- [SAFE]: The workflow for academic review is purely instructional and involves no execution of external scripts or unverifiable dependencies. While a validation script is mentioned in documentation, no code-level tool invocation is present in the skill's operational instructions.