performing-open-source-intelligence-gathering

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFE
DATA_EXFILTRATION, COMMAND_EXECUTION, CREDENTIALS_UNSAFE
Full Analysis
  • [DATA_EXFILTRATION]: The scripts scripts/agent.py and scripts/process.py perform network operations to non-whitelisted domains such as hunter.io and crt.sh, and query Google search. While necessary for OSINT, these actions involve sending domain names to external services.
  • [COMMAND_EXECUTION]: The skill provides Python utilities designed for command-line use that process user-supplied input. Analysis of the code shows no use of unsafe subprocess calls or arbitrary shell execution.
  • [CREDENTIALS_UNSAFE]: scripts/agent.py contains a hardcoded API key (api_key=demo) for the Hunter.io service. This is a public demo key and does not represent an exfiltration of user secrets, but it is a hardcoded credential pattern.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) because it processes untrusted data from external websites.
    • Ingestion points: scripts/process.py and scripts/agent.py fetch and read the body and headers of target websites and API responses.
    • Boundary markers: None detected; the skill does not use delimiters to isolate untrusted data.
    • Capability inventory: The script scripts/process.py has the capability to write files to the local system (report generation).
    • Sanitization: No specific sanitization or filtering of the ingested web content is performed before it is written to the output reports.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 9, 2026, 06:48 PM