marketing-pipeline-auto-content

Warn

Audited by Gen Agent Trust Hub on Jun 25, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructions involve cloning an external repository from https://github.com/pennydinh/marketing-pineline-share.git to the local machine.
  • [COMMAND_EXECUTION]: The installation and development steps require running npm install and npm run dev on code downloaded from an unverified third-party repository, which could lead to arbitrary code execution if the repository is compromised or malicious.
  • [PROMPT_INJECTION]: The skill implements a workflow vulnerable to indirect prompt injection by processing untrusted data from external websites.
    • Ingestion points: Data is aggregated from TechCrunch, a16z, Twitter, and LinkedIn via the crawlNewsSources function in lib/research/crawler.ts.
    • Boundary markers: Absent. The buildPrompt function in lib/ai/content-generator.ts interpolates the raw JSON research data directly into the user message without delimiters or instructions to ignore embedded commands.
    • Capability inventory: The pipeline uses Anthropic and OpenAI APIs for content generation and executes local video rendering processes via Remotion.
    • Sanitization: No sanitization, filtering, or validation of the crawled content is performed before it is passed to the AI models.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Jun 25, 2026, 07:49 AM