llm-sentry-geo-marketing

Warn

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to clone a complete software project from a third-party repository (https://github.com/daijinma/geo_marketing.git) which does not correspond to the stated author (Aradotso). This introduces a supply chain risk.
  • [COMMAND_EXECUTION]: The setup process requires executing numerous powerful CLI tools and commands, including make, docker-compose, playwright, and wails. These commands install system-level binaries and manage database services.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because its core functionality is to ingest and process data from external AI search engines.
    • Ingestion points: Untrusted AI-generated text is scraped from browser sessions in llm_sentry_monitor/providers/deepseek.py using Playwright selectors.
    • Boundary markers: None are present in the provided snippets to distinguish between instructions and data when processing scraped text.
    • Capability inventory: The scraped data is stored in a PostgreSQL database via db.save_record and is served through a FastAPI REST endpoint (/mock).
    • Sanitization: There is no evidence of sanitization or escaping for the response_text before it is saved or potentially rendered in the desktop client UI.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 18, 2026, 08:58 PM
Security Audit — agent-trust-hub — llm-sentry-geo-marketing