The Agent Skills Directory

[SAFE]: The skill instructions focus on formatting, organization, and citation of existing data. It does not attempt to execute remote code, exfiltrate data, or bypass agent safety constraints.
[PROMPT_INJECTION]: The skill contains no instructions to override system prompts or ignore safety rules. It includes safety-positive guidelines like 'Anti-hallucination' rules and 'Quality Checklist' items to ensure factual accuracy and proper attribution.
[DATA_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it processes untrusted research content. Ingestion points: Files read via the Read tool (e.g., content.md) and user-pasted text. Boundary markers: None explicitly defined in the instructions to separate data from instructions. Capability inventory: Access to Bash, Write, Edit, and Read tools. Sanitization: No specific sanitization or validation of the input content is described. While this represents a theoretical risk surface, the skill's logic is strictly for post-processing and does not exhibit malicious intent.

research-format