The Agent Skills Directory

[DATA_EXPOSURE]: The skill utilizes local .env files to store and retrieve sensitive API tokens (APIFY_API_TOKEN, GOOSEWORKS_API_KEY). This is a recommended security practice to avoid hardcoding credentials within the source code.
[EXTERNAL_DOWNLOADS]: The script communicates with well-known and reputable service endpoints, including api.apify.com and the vendor's own proxy at api.gooseworks.ai. These interactions are necessary for the skill's primary function of scraping and enriching data.
[PROMPT_INJECTION]: The skill processes external text from LinkedIn (posts and comments), which is a common vector for indirect prompt injection. However, the script only uses this data for scoring and categorization and does not pass it to an LLM for instruction following, effectively neutralizing the risk.
Ingestion points: LinkedIn post content and user comments are ingested via Apify actor datasets in scripts/kol_engager_icp.py.
Boundary markers: No explicit delimiters are present, as the data is handled programmatically through JSON structures.
Capability inventory: The skill performs network requests to retrieve data and writes results to local CSV files.
Sanitization: The script performs keyword matching and regex searches on the ingested text; while it does not specifically sanitize for prompt instructions, the usage context is limited to data analysis.

kol-engager-icp