The Agent Skills Directory

[SAFE]: The skill functions as a static knowledge base and local query tool. Comprehensive review of the markdown guides and CSV databases found no evidence of prompt injection, obfuscated malicious commands, or instructions designed to bypass agent safety filters.
[COMMAND_EXECUTION]: The skill includes scripts/query_database.py, which is used by the agent to filter and retrieve SEO formulas. The script is securely authored, utilizing a hardcoded whitelist for database names and performing path resolution checks (is_relative_to) to ensure the agent cannot access files outside the intended directory via path traversal.
[DATA_EXFILTRATION]: Analysis of all scripts and reference files confirmed the absence of network-reaching code (such as requests or curl), hardcoded credentials, or access to sensitive system file paths.
[INDIRECT_PROMPT_INJECTION]: While the skill processes user-provided topics to generate content, the data sources (CSVs) are internal and static. There is no ingestion of untrusted remote data, significantly minimizing the risk of indirect injection attacks.

social-media-seo