gsc-seo-page

Warn

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: MEDIUM
CREDENTIALS_UNSAFE, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill requires access to sensitive credentials, including a .env file containing a Postgres DATABASE_URL and a path to a Google Cloud Service Account private key file (GSC_SA_KEY_PATH). These credentials are used to authenticate network operations against Google APIs and the database.
  • [COMMAND_EXECUTION]: The skill performs extensive system-level operations, including using launchctl to load and activate background jobs (com.m13v.social-gsc-seo.plist and com.m13v.social-serp-seo.plist) for persistence. It also executes shell commands for DNS management through vercel and gcloud, and runs Python snippets via python3 -c for site verification and sitemap submission.
  • [REMOTE_CODE_EXECUTION]: The skill dynamically generates and writes executable TSX (TypeScript React) files to the project's source directory (~/CLIENT-website/src/app/(main)/t/{slug}/page.tsx) based on external data. This code is later built and executed as part of the client's web application.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it ingests untrusted data from the Google Search Console API and SERP research tools to drive its LLM-based page generation process.
    • Ingestion points: External query data fetched via fetch_gsc_queries.py and cron_seo.sh.
    • Boundary markers: The instructions do not define any delimiters or safety prompts to prevent instructions embedded within the queries from being followed by the generator.
    • Capability inventory: The system possesses file-writing capabilities, git operations (commit/push), and network access.
    • Sanitization: No explicit sanitization or validation of the external keywords or queries is implemented before they are used in the generation prompt.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 17, 2026, 08:19 PM