The Agent Skills Directory

[SAFE]: The skill performs its primary function of lead research and email generation without engaging in malicious activities. Behavior is consistent with the described functionality.
[PROMPT_INJECTION]: No direct prompt injection attempts or instructions to bypass safety guidelines were found in the skill definition or templates.
[DATA_EXFILTRATION]: The skill does not access sensitive local configuration files or environment variables (e.g., .ssh, .aws). It processes user-provided inputs and writes results to an intended Notion destination, which is the core functionality.
[COMMAND_EXECUTION]: No dangerous system command execution or shell injection patterns were identified. Usage of Notion MCP tools is restricted to standard database operations.
[EXTERNAL_DOWNLOADS]: The installation process utilizes official platform-related tools (npx goose-skills), and no unauthorized remote script execution (e.g., curl|bash) is present.
[SAFE]: Regarding indirect prompt injection surface: the skill ingests untrusted data from web search results and fetched company websites (SKILL.md, Phases 1 and 2). It lacks explicit boundary markers or sanitization for this content. However, its capabilities are limited to Notion database writes and further web research, and this represents a standard risk factor for the skill's intended research purpose.

early-access-email-sequence