The Agent Skills Directory

[SAFE]: No security issues were detected. The skill is well-structured and focuses on data aggregation and scoring tasks within a local environment.- [DATA_EXFILTRATION]: No data exfiltration vectors found. The skill does not perform network requests and only writes lead and report data to the local .postplus directory within the workspace.- [REMOTE_CODE_EXECUTION]: No remote code execution vulnerabilities. The skill does not download external scripts or use dynamic evaluation functions such as eval() or exec(). All script logic is self-contained and local.- [PROMPT_INJECTION]: The instructions and scripts do not contain prompt injection or bypass patterns. The ingestion of creator data (Category 8 surface) is safe: 1. Ingestion points: Ingests creator profile and comment data from local JSON files. 2. Boundary markers: External data is treated as structured fields in JSON objects. 3. Capability inventory: Limited to reading and writing local files. 4. Sanitization: Applies string trimming and basic normalization; the output is intended for human-reviewed outreach drafts.- [COMMAND_EXECUTION]: Command execution is restricted to the skill's own Node.js utility scripts with no elevated privileges, shell injection risks, or persistence mechanisms detected.

creator-outreach