search-ad-keyword-architect

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands to run Python scripts from multiple external skills, such as seo-domain-analyzer and review-scraper. These scripts are invoked using parameters derived from user input, such as product names and domains, which can represent a command injection surface if not properly handled by the underlying execution environment.
  • [DATA_EXFILTRATION]: The skill requires an APIFY_API_TOKEN environment variable to perform its core functions. This token is used to send search queries and competitor information to the Apify platform for scraping and analysis. While this is the intended behavior, it involves transmitting data to an external service.
  • [PROMPT_INJECTION]: The skill processes untrusted data from external sources including G2, Capterra, Reddit, and Hacker News. This creates an indirect prompt injection surface where malicious instructions could be embedded in public reviews or posts to influence the agent's behavior. Ingestion points include the output of scripts like scrape_reviews.py and scrape_reddit.py. No explicit boundary markers or sanitization procedures are documented to mitigate the risk of the agent obeying instructions embedded in this scraped data. The agent also possesses capabilities such as shell execution and file writing, which could be targeted by such an injection.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 31, 2026, 09:59 PM