send-email-campaign
Warn
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes several Python scripts including email-subject-tester.py, spam-score-checker.py, send-time-optimizer.py, brand-voice-scorer.py, approval-manager.py, and execution-tracker.py to analyze campaign data and manage the send workflow.
- [DATA_EXFILTRATION]: The skill reads brand profiles, compliance rules, and agency SOPs from the ~/.claude-marketing/ directory on the local filesystem, which may contain sensitive business information or configuration.
- [PROMPT_INJECTION]: The skill processes untrusted input from user-provided email content and recipient lists, creating an indirect prompt injection surface.
  - Ingestion points: User-provided email body, subject lines, and recipient segments found in SKILL.md.
  - Boundary markers: No delimiters or ignore-embedded-instructions warnings are present to isolate untrusted data.
  - Capability inventory: The skill has file system access, local script execution capabilities, and network operations through connected email platform MCP servers.
  - Sanitization: No explicit sanitization or validation of external content is described before it is used to build platform payloads or run analysis scripts.