signals-scout-web-analytics
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: While the skill processes untrusted external data (referrers, UTM parameters, and entry paths) which constitutes an indirect prompt injection surface, it includes a dedicated 'Untrusted data' section with explicit instructions for the agent to treat this information as data only, truncate snippets, and sanitize identifiers. These measures align with security best practices for handling attacker-adjacent data streams.
- [COMMAND_EXECUTION]: The skill uses structured SQL queries via the execute-sql tool. These queries are well-formed and include protections such as future-clock upper bounds and timezone-safe arithmetic, minimizing risks associated with dynamic query generation.
- [DATA_EXFILTRATION]: All data operations are performed within the designated PostHog MCP environment using scoped tools. There are no attempts to exfiltrate data to unauthorized third-party domains.
Audit Metadata