tam-builder

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXPOSURE_&_EXFILTRATION]: The skill interfaces with the Apollo.io API (api.apollo.io) to search for companies and personas. This is a well-known B2B data service and the network operations are consistent with the skill's primary purpose. Instructions for managing the 'APOLLO_API_KEY' recommend the use of a .env file, which is a standard and safe practice for credential management.
  • [INDIRECT_PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection because it ingests and processes external data from the Apollo API (such as company names and job titles), which could contain malicious instructions.
    • Ingestion points: Data enters the agent context via Apollo Company and People Search API responses.
    • Boundary markers: The instructions do not specify the use of delimiters or 'ignore embedded instructions' warnings when processing these strings.
    • Capability inventory: The skill has capabilities to perform network requests (API) and write files to the local system (CSV export).
    • Sanitization: No specific sanitization or validation of the ingested strings is mentioned in the provided documentation.
  • [PROMPT_INJECTION]: The skill includes explicit safety instructions ('CRITICAL: Never export results without explicit user approval') aimed at establishing an approval gate. These instructions reinforce agent safety and user oversight rather than attempting to bypass constraints.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 10, 2026, 10:47 AM