novel-control-station
Warn
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill provides an automation script template in 'assets/codex-continue-novel.ps1' and instructs users to generate and execute it locally to enable autonomous 'marathon' writing. This script utilizes the 'codex exec' command with the '--dangerously-bypass-approvals-and-sandbox' flag, which explicitly bypasses agent sandboxing and user approval prompts for filesystem and command operations.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because its core workflow involves reading and acting upon the contents of various user-editable markdown files (e.g., '03-cast-bible.md', '05-main-plotlines.md').
  * Ingestion points: The agent reads all project-related markdown files in the root and 'chapters/' directories during its pre-chapter processing loop.
  * Boundary markers: The instructions do not define clear delimiters or instructions to ignore embedded commands within the processed project files.
  * Capability inventory: The agent has extensive capabilities to write to the local filesystem and execute shell commands via the 'codex' CLI.
  * Sanitization: No content sanitization or validation is performed on the data read from project files before it is used to influence agent behavior.