bmad-agent-marketing-guerrilla

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill focuses on providing marketing guidelines, playbooks, and strategy templates. It emphasizes ethical boundaries, specifically stating 'no astroturfing, no deception, no manipulation' in its core principles.
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to install agent-browser from a trusted organization (Vercel Labs) to facilitate live research. This aligns with the skill's purpose for market analysis and does not constitute a security risk.
  • [COMMAND_EXECUTION]: Usage of CLI tools like agent-browser is documented for performing research on well-known platforms (Google Trends, Reddit, TikTok, Product Hunt). These commands are standard for the intended workflow.
  • [DATA_EXFILTRATION]: The skill reads project configuration and strategy files to align its recommendations but shows no patterns of exfiltrating sensitive data to unauthorized external endpoints.
  • [PROMPT_INJECTION]: There are no detected attempts to override system prompts or bypass safety filters. The instructions are consistently focused on the marketing strategist persona.
  • [INDIRECT_PROMPT_INJECTION]: The skill has a surface for indirect injection as it processes data from external URLs via browser and local configuration files. This is a common characteristic of research-oriented skills and is documented here as an architectural surface rather than a specific malicious implementation.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 2, 2026, 10:13 PM