spot-people-engaging-with-competitors

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local bundled bash scripts (api.sh and signup.sh) to facilitate authentication and API interactions with the vendor's infrastructure.
  • [CREDENTIALS_UNSAFE]: Authentication tokens are managed using a local .env file, which is explicitly added to .gitignore during the signup process to prevent accidental credential leakage. This aligns with recommended secret management practices.
  • [DATA_EXFILTRATION]: The skill transmits LinkedIn profile URLs and monitoring parameters to the vendor's API endpoint (api.openfunnel.dev) to retrieve engagement signals. These operations are restricted to the author's official domain.
  • [SAFE]: The skill has an indirect prompt injection surface because it processes external data from LinkedIn. Ingestion points: API responses from api.openfunnel.dev are used to populate Markdown tables in SKILL.md. Boundary markers: absent; results are presented in standard Markdown tables. Capability inventory: subprocess calls to api.sh and signup.sh are present in SKILL.md. Sanitization: absent; however, the agent is strictly instructed to present results exactly as returned by the API, without fabrication or inference, which mitigates the risk.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 17, 2026, 06:13 PM