The Agent Skills Directory

[CREDENTIALS_UNSAFE]: The script scripts/scrape_producthunt.py handles the Apify API token by retrieving it from an environment variable (APIFY_API_TOKEN) or a command-line flag, which is a standard security practice for credential management.
[EXTERNAL_DOWNLOADS]: The skill uses the requests library for HTTP communication. This is a well-known and trusted package. No unverified or dangerous remote scripts are executed.
[PROMPT_INJECTION]: The skill processes untrusted product information from external sources. While this presents a surface for indirect prompt injection, the risk is mitigated as the data is not used to trigger sensitive operations.
Ingestion points: scripts/scrape_producthunt.py (line 103) fetches data from the Apify API.
Boundary markers: The scraped data is not enclosed in delimiters.
Capability inventory: The skill performs network requests to the Apify API; it does not contain file system write operations or shell command execution capabilities.
Sanitization: No sanitization is performed on the scraped product names, taglines, or descriptions.

product-hunt-scraper