The Agent Skills Directory

[SAFE]: The skill implements brand protection workflows using established security tools and reputable data sources, consistent with its stated purpose.
[COMMAND_EXECUTION]: Utilizes the dnstwist command-line utility for domain permutation analysis. The execution is handled using structured argument lists, which prevents shell injection vulnerabilities.
[EXTERNAL_DOWNLOADS]: Fetches intelligence from well-known services including Google Safe Browsing, Twitter API, and Certificate Transparency logs (crt.sh). These network operations are strictly limited to the functional requirements of identifying brand impersonation threats.
[SAFE]: The skill handles data from external sources such as app stores and certificate logs. While this represents a potential surface for indirect prompt injection, it is managed through standard parsing libraries and is essential for the skill's primary function.
Ingestion points: Data enters the context from the Google Play Store (HTML), dnstwist (JSON results), and crt.sh (JSON certificate logs).
Boundary markers: External data is processed without explicit delimiter-based isolation.
Capability inventory: The skill can perform file system writes, network requests, and execute the dnstwist tool.
Sanitization: Inputs are parsed using BeautifulSoup and json.loads, which provides structural validation of the data.
[DATA_EXFILTRATION]: Findings are compiled into a local JSON report for user review. No evidence was found of unauthorized data transmission to external endpoints.

performing-brand-monitoring-for-impersonation