keyapi-tiktok-influencer-discovery

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted TikTok influencer data (such as bios, video descriptions, and names) retrieved from the KeyAPI service. This data enters the agent's context and could contain indirect prompt injection instructions that attempt to influence the agent's behavior during report generation.
      • Ingestion points: Data is fetched from the remote MCP server via scripts/run.js and stored in the local .keyapi-cache/ directory.
      • Boundary markers: The workflow instructions do not define specific delimiters or warnings to isolate external data from the agent's primary instructions.
      • Capability inventory: The scripts/run.js tool possesses capabilities for local file read/write operations and network access.
      • Sanitization: No explicit sanitization or validation logic is present to filter executable instructions or malicious content within the retrieved influencer data.
  • [COMMAND_EXECUTION]: The skill provides and requires the execution of a Node.js script (scripts/run.js) to interact with the service, list tool schemas, and perform data collection tasks.
  • [EXTERNAL_DOWNLOADS]: The scripts/run.js utility is configured to make network requests to the vendor's content delivery network at echosell-images.tos-ap-southeast-1.volces.com to perform batch conversion of cover image URLs.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 24, 2026, 12:10 PM