The Agent Skills Directory

[DATA_EXFILTRATION]: The script champion_tracker.py contains a _load_dotenv function that programmatically searches parent directories (up to 10 levels) for .env files and loads their contents into environment variables. This pattern allows for the exposure of sensitive configuration data to the script's execution environment.
[COMMAND_EXECUTION]: The script champion_tracker.py uses importlib.util and exec_module to dynamically load and execute logic from a computed file path (../../lead-qualification/scripts/enrich_leads.py). This dynamic execution of external script files bypasses static import analysis and allows runtime code modification.
[COMMAND_EXECUTION]: The script modifies the system path using sys.path.insert(0, ...) to include the project root, enabling it to import arbitrary modules from the broader agent environment.
[EXTERNAL_DOWNLOADS]: The skill performs network operations to fetch LinkedIn profile data from api.apify.com and a vendor-specific proxy at api.gooseworks.ai using the requests library.
[PROMPT_INJECTION]: The skill processes CSV files (champions.csv) containing data sourced from external reviews and social media. This represents an indirect prompt injection surface.
Ingestion points: Reads champion data from input/champions.csv and manual imports.
Boundary markers: No delimiters or instructions are used to separate untrusted CSV content from agent instructions during processing.
Capability inventory: Performs network requests via Apify, writes to the file system (baseline.json, changes.csv), and reads .env files.
Sanitization: Minimal sanitization is performed via regex for name and company normalization, but the script does not validate the content of the CSV fields against malicious instructions.

champion-tracker