content-engine

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute a local Python script scripts/scan-negative-framing.py in Phase 4. This script processes the content_drafts.md file, which contains content derived from untrusted source assets. While this is an intended part of the skill's quality gate logic, the script's source code was not included in the provided files for security verification.
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection (Category 8). It ingests untrusted source material and uses it to generate output while having access to sensitive tools.
      • Ingestion points: The Source asset (article text, transcripts, etc.) collected in Phase 1 and processed in Phases 2 and 3.
      • Boundary markers: Absent. There are no instructions for the agent to use delimiters or specific ignore-tags when processing the source asset.
      • Capability inventory: The skill has access to Bash, Read, Write, Edit, Grep, and Glob across its scripts and instructions.
      • Sanitization: The Phase 4 gate uses a Python script to scan for "hype phrases," but this is a stylistic check and does not provide protection against malicious instructions or command injection embedded in the source content.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 12:34 PM