The Agent Skills Directory

[SAFE]: No malicious patterns, obfuscation, or credential exposure were found. The skill's operations align with its stated marketing purpose.
[DATA_EXPOSURE]: The skill is designed to access local marketing research and brand configuration files (e.g., BRAND.md, icp-research.md). This access is consistent with its function as a context-aware content generator and does not target sensitive system data or secrets.
[EXTERNAL_DOWNLOADS]: Agent instructions reference and fetch platform research from reputable technology companies and industry-standard practitioner blogs (e.g., Google, LinkedIn, Buffer, and Hootsuite). These are trusted sources for platform intelligence and do not involve the execution of untrusted remote code.
[COMMAND_EXECUTION]: While the 'Bash' tool is listed as an allowed tool in the skill's manifest, the individual agent instructions are strictly focused on text generation and data processing. No malicious shell commands or requests for remote script execution were identified.
[INDIRECT_PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it ingests data from research artifacts while possessing high-capability tools (Write, Bash). However, this risk is mitigated by a modular architecture and the use of a dedicated 'Critic Agent' layer to validate the quality and safety of all final outputs.

short-form-brief