The Agent Skills Directory

[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because its primary function involves processing large volumes of untrusted data from both external public sources and internal communication channels.
Ingestion points: As detailed in Phase 1 of SKILL.md, the skill gathers data from support ticket exports (CSV), Slack messages, call transcripts, and public web scraping.
Boundary markers: The instructions do not specify the use of delimiters or clear directives for the agent to ignore instructions that may be embedded within the customer feedback content.
Capability inventory: The skill utilizes multiple external tools (review-site-scraper, reddit-post-finder, twitter-mention-tracker) and has the authority to write synthesized reports to the local file system.
Sanitization: No validation or sanitization steps are defined to clean or filter the feedback data before it is analyzed by the language model.
[COMMAND_EXECUTION]: The documentation includes instructions for establishing persistence through system-level automation. It suggests setting up a cron job to execute shell commands (python3 run_skill.py) periodically, which involves recurring command execution and system task modification.
[EXTERNAL_DOWNLOADS]: The skill fetches data from well-known public services such as G2, Capterra, Trustpilot, Reddit, and Twitter using specialized scraping tools to provide a comprehensive analysis of customer sentiment.

voice-of-customer-synthesizer