The Agent Skills Directory

[DATA_EXFILTRATION]: The generate_ad_asset and generate_video_clip tools utilize an optional webhook_url parameter. This mechanism enables the agent to transmit job execution data—including user prompts, status updates, and generated asset URLs—to an external endpoint, creating a potential route for data exfiltration.
[PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by processing content from untrusted external sources. (1) Ingestion points: The fetch_page tool retrieves data from arbitrary web pages, while other tools ingest data via external image URLs. (2) Boundary markers: The instructions lack explicit delimiters or warnings to ignore instructions that might be embedded in the fetched external content. (3) Capability inventory: The skill can invoke multiple generation and search tools based on the potentially poisoned data it retrieves. (4) Sanitization: There is no mention of sanitization or validation logic for the content fetched from external URLs.

gentic-creative-assets