The Agent Skills Directory

[PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it processes untrusted data from external LinkedIn profiles and user-provided CSV files to inform automated qualification decisions. \n- Ingestion points: External profile data fetched via Apify and user-supplied lead lists in CSV format. \n- Boundary markers: The instructions for parallel subagents lack explicit delimiters or warnings to ignore instructions embedded within the lead data. \n- Capability inventory: The skill is capable of executing local Python scripts (scripts/enrich_leads.py), performing web searches for leads, and writing output files. \n- Sanitization: There is no mention of sanitizing or validating retrieved profile content before it is interpolated into LLM prompts for evaluation. \n- [COMMAND_EXECUTION]: The skill invokes a local script, scripts/enrich_leads.py, via a shell command to handle batch data enrichment. \n- [EXTERNAL_DOWNLOADS]: The enrichment script connects to Apify's official API and the vendor's API proxy (api.gooseworks.ai) to fetch lead information. These network operations are consistent with the skill's documented functionality and target well-known or vendor-owned domains.

lead-qualification