idea-reality-mcp-validation

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs users to install its dependencies from public registries with standard tools (uvx for Python packages, npx for npm packages). It also points to source code and configuration examples hosted on GitHub under github.com/mnemox-ai/, which is the tool's official development organization. No downloads from unrelated or anonymous hosts are referenced.
  • [DATA_EXFILTRATION]: The idea_check tool sends the user-supplied project description (the idea_text parameter) to an external REST endpoint, idea-reality-mcp.onrender.com, hosted on Render. This network call is the tool's core function (market validation), not a hidden side channel, but anything placed in idea_text leaves the local machine and is processed by that remote service, so confidential product plans should not be submitted through it.
  • [CREDENTIALS_UNSAFE]: The documentation describes optional environment variables, GITHUB_TOKEN and PRODUCTHUNT_TOKEN, that raise the authenticated rate limits of the GitHub and Product Hunt APIs. The skill correctly tells users to supply them through the environment rather than hardcoding them in configuration or source, which is standard practice for API-based tools; since the tokens are used only for lookups, read-only tokens with the narrowest available scope are sufficient.
  • [PROMPT_INJECTION]: The skill accepts untrusted free text (project ideas) through the idea_text parameter and uses it to build search queries against external platforms. Both that text and the third-party content the searches return could carry injected instructions, but the skill uses them only for analytical lookups, not to drive control flow or execute commands, so the risk is rated negligible.
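The two findings above (credentials read from the environment, and idea_text reaching external platforms only as a search query) can be checked concretely. The following is an added illustration, not code from the idea-reality-mcp project: it reduces an untrusted idea_text to a bounded, URL-encoded query parameter and attaches a GitHub token only when one is present in the environment. The endpoint path, header names, query length cap and the constructed sample input are assumptions made for the example.

```python
import os
import re
from typing import Optional, Tuple
from urllib.parse import urlencode

# Assumed cap on the search string; the real skill may use a different limit.
MAX_QUERY_LEN = 256


def sanitize_idea_text(idea_text: str) -> str:
    """Collapse untrusted free text into one bounded line of search terms.

    Control characters and newlines are removed so that a crafted idea cannot
    smuggle extra lines into logs or into a prompt that later consumes the query.
    """
    cleaned = re.sub(r"[\x00-\x1f\x7f]+", " ", idea_text)
    cleaned = re.sub(r"\s+", " ", cleaned).strip()
    return cleaned[:MAX_QUERY_LEN]


def auth_headers(env: Optional[dict] = None) -> dict:
    """Attach a bearer token only if the operator supplied one via the environment.

    No token literal appears in the code; an absent GITHUB_TOKEN simply means
    unauthenticated requests with the lower public rate limit.
    """
    env = os.environ if env is None else env
    headers = {"Accept": "application/vnd.github+json"}
    token = env.get("GITHUB_TOKEN")
    if token:
        headers["Authorization"] = f"Bearer {token}"
    return headers


def build_github_search(idea_text: str, env: Optional[dict] = None) -> Tuple[str, dict]:
    """Return (url, headers) for a repository search driven by idea_text.

    The untrusted text ends up only as the percent-encoded value of the `q`
    parameter: never in the path, never in a header, never in a shell command.
    """
    query = sanitize_idea_text(idea_text)
    url = "https://api.github.com/search/repositories?" + urlencode(
        {"q": query, "per_page": 10}
    )
    return url, auth_headers(env)


if __name__ == "__main__":
    # Constructed sample input containing a newline, a NUL byte and shell-like text.
    sample = "AI tool for\nvalidating startup\x00 ideas $(id)"
    url, headers = build_github_search(sample, env={})
    print(url)
    print(headers)
```

Passing `env={}` in the sample run shows the unauthenticated path; setting GITHUB_TOKEN in the real environment and calling `build_github_search(sample)` adds the Authorization header without any change to the code.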
Audit Metadata
Risk Level: SAFE
Analyzed: May 17, 2026, 10:56 AM
Security Audit — agent-trust-hub — idea-reality-mcp-validation