The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The documentation instructs users to clone the framework from a personal GitHub repository at github.com/j1ngg/tech-marketing-framework.git. This repository is not owned by the stated author (Aradotso/ara.so) and is not a recognized or verified organization.
[REMOTE_CODE_EXECUTION]: The framework contains features for dynamic code and instruction generation. Specifically, the 'autoresearch' skill is designed to autonomously run variations of other skills, evaluate the results, and then 'updates skill definition based on what works' and 'commits improvements.' This persistent self-modification of the agent's logic presents a security risk if the generation process is influenced by malicious input.
[PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection, as it is designed to process external and potentially untrusted data to generate marketing content.
Ingestion points: Competitive analysis tool (/how-they-market) which reads competitor URLs and the Ads Auditor (/ads-auditor) which processes CSV performance data.
Boundary markers: The documentation does not specify the use of delimiters or 'ignore' instructions for the external content.
Capability inventory: Across its various skills, the agent has the capability to write files, modify its own source files, and execute local shell commands.
Sanitization: No validation or sanitization of the external data is described.
[COMMAND_EXECUTION]: The setup instructions involve multiple shell commands, including git clone for the framework and the installation of official CLI tools from Anthropic and OpenAI via npm.

tech-marketing-framework