pp-customer-io

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches the customer-io CLI and MCP server components from the vendor's GitHub repository and NPM registry during the setup process.
  • Evidence: Installation instructions reference npx -y @mvanhorn/printing-press and go install github.com/mvanhorn/printing-press-library.
  • [COMMAND_EXECUTION]: The skill relies on shell command execution to install binaries and perform complex data operations through the specialized CLI.
  • Evidence: The instructions provide multiple bash examples for installation, verification, and executing CLI verbs.
  • [DATA_EXFILTRATION]: The CLI tool includes a delivery feature that allows sending command results to arbitrary external URLs, which could be misused to route sensitive information to unauthorized endpoints.
  • Evidence: The --deliver webhook:<url> functionality documented in SKILL.md allows POSTing data to a specified URL.
  • [PROMPT_INJECTION]: The skill processes external data from CSV and JSONL files, creating a surface for indirect prompt injection if the ingested content contains malicious instructions.
  • Ingestion points: The suppressions bulk add command reads data from local CSV or JSONL files (SKILL.md).
  • Boundary markers: The skill does not define specific delimiters or instructions to prevent the agent from obeying commands embedded within the processed data.
  • Capability inventory: The skill has the ability to execute shell commands and perform network operations via the webhook delivery feature.
  • Sanitization: No sanitization or validation of the ingested file content is mentioned in the instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: May 8, 2026, 07:11 PM