lead-discovery
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's operations align with its stated purpose and utilize the allowed toolset for legitimate business research. There is no evidence of unauthorized file access, credential harvesting, or malicious network activity.
- [PROMPT_INJECTION]: The skill processes untrusted external data, creating a potential surface for indirect prompt injection (Category 8).
  1. Ingestion points: External website content (homepage, pricing, docs) and web search results for competitors and technology keywords.
  2. Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the shared context construction.
  3. Capability inventory: The execution environment provides access to tools like Bash and file modification, and the skill can trigger downstream signal skills.
  4. Sanitization: The risk is significantly mitigated by mandatory instructions to 'present a summary to the user and ask them to confirm or correct' after each data collection phase, ensuring that potentially malicious instructions from external sites are reviewed by the user.
Audit Metadata