metis-strategy/metis-whitepaper
Produce Metis Strategy whitepapers — 15–28 page thought leadership PDFs with a specific structure, visual style, and editorial voice. Use this skill whenever a user asks to create, draft, or structure a whitepaper, thought leadership paper, playbook, or long-form research report for Metis Strategy. Also trigger when the user mentions "whitepaper," "white paper," "playbook," "thought leadership piece," "long-form report," or asks to produce a publishable document that looks like existing Metis research. Output is a polished, print-ready PDF generated from HTML via Playwright — matching the look and feel of published Metis whitepapers. Always use this skill for whitepaper requests, even if the user just says "write a whitepaper on X" without further specification.
93
93%
Does it follow best practices?
Impact
Pending
No eval scenarios have been run
Advisory
Suggest reviewing before use
Security
2 findings — 2 medium severity. This skill can be installed but you should review these findings before use.
W011: Third-party content exposure detected (indirect prompt injection risk)
What this means
The skill exposes the agent to untrusted, user-generated content from public third-party sources, creating a risk of indirect prompt injection. This includes browsing arbitrary URLs, reading social media posts or forum comments, and analyzing content from unknown websites.
Why it was flagged
Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly requires conducting external web research and fetching/verifying public URLs (Step 1: "Perform web research...collect sources with URLs" and Step 8: "fetch each endnote URL...pull a verbatim quote"), including open/public sources like Stack Overflow, GitHub, arXiv, industry analysts and government sites, so the agent will read and act on untrusted third‑party content that can materially influence drafting and tool actions.
W012: Unverifiable external dependency detected (runtime URL that controls agent)
What this means
The skill fetches instructions or code from an external URL at runtime, and the fetched content directly controls the agent’s prompts or executes code. This dynamic dependency allows the external source to modify the agent’s behavior without any changes to the skill itself.
Why it was flagged
Potentially malicious external URL detected (high risk: 0.80). The skill explicitly instructs the agent at runtime to fetch and verify external source URLs and to extract verbatim quotes (e.g., https://survey.stackoverflow.co/2025/) which are then injected into the draft and verification log, meaning remote content will directly shape the agent's prompts/output.
- Audited
- Security analysis