comprehensive-enrichment

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using python3 -c to extract API credentials and configuration from a local file (~/.gooseworks/credentials.json). While this is used for the skill's primary authentication purpose and targets the author's own infrastructure, it involves executing script snippets to access sensitive local data.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it aggregates and processes data from numerous external, third-party sources (e.g., Hunter, Tomba, Linkup, Scrapegraph) and presents it to the agent without sufficient isolation or sanitization.
    • Ingestion points: Data is ingested from multiple enrichment APIs and web search/scraping tools across all enrichment scripts.
    • Boundary markers: The skill lacks explicit boundary markers or delimiters to separate the untrusted external content from the core instructions provided to the agent.
    • Capability inventory: The skill possesses the capability to perform network operations and read from the local file system using shell commands.
    • Sanitization: There is no evidence of data sanitization, validation, or escaping of the content retrieved from external APIs before it is integrated into the final output summaries.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Apr 28, 2026, 01:05 PM