awesome-novel

Warn

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [PERSISTENCE]: The install.sh script persistently modifies the user's environment by appending an export command for NOVEL_SKILL_HOME to shell profile files (~/.profile and ~/.bashrc). Modification of shell startup scripts is a common technique for establishing persistence and influencing system behavior across sessions.
  • [COMMAND_EXECUTION]: The SKILL.md file contains instructions that direct the agent to use the Bash tool to execute local commands for project initialization and migration. These operations include python tools/init.py and potentially destructive operations like rm -rf on specific directories (e.g., .vscode/, drafts/) during project upgrades.
  • [INDIRECT_PROMPT_INJECTION]: The skill architecture (described in ARCHITECTURE.md and agents/chapter-planner.md) processes untrusted external data by allowing the importation of existing novel drafts ("导入这本小说", i.e. "import this novel"). These drafts and user-provided character settings are interpolated into agent prompts (specifically the writer and prompt-crafter agents) without explicit boundary markers or instructions to ignore embedded commands, creating a vulnerability surface for indirect prompt injection.
  • [METADATA_POISONING]: The docs/tutorial.md file contains a malformed or suspicious URL (github.com/modoojunko@novel-agent-skilll) that differs from the primary repository URL provided in the README. This could lead to user or agent confusion regarding the authentic source of the skill's components.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Jun 18, 2026, 04:11 AM