The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill requires the installation of the scrape-creators-pp-cli tool using npx and go install from repositories associated with the vendor mvanhorn. While this involves remote code execution during setup, the sources are consistent with the skill's authorship and represent standard installation procedures for the provided functionality.
[DATA_EXFILTRATION]: The CLI tool includes a --deliver webhook:<url> feature. This allows the output of any command—including account credit status, API usage patterns, and sensitive scraped social media data—to be sent directly to an external server. While documented as an operational feature for automation, it provides a direct mechanism for data exfiltration if the agent is directed to use it maliciously or if the command is injected.
[PROMPT_INJECTION]: This skill ingests and processes large amounts of untrusted data from various public social media platforms (TikTok, YouTube, Twitter, etc.). This content is a primary vector for indirect prompt injection attacks.
Ingestion points: Scraped social media profiles, posts, video transcripts, and ad libraries (SKILL.md).
Boundary markers: The skill does not provide instructions for the agent to treat scraped content as untrusted or to use specific delimiters when processing the results.
Capability inventory: The agent has access to Bash and Read tools, enabling it to execute commands and process the resulting external data.
Sanitization: There is no evidence of sanitization, filtering, or validation of the external content before it is processed by the agent.

pp-scrape-creators