The Agent Skills Directory

[PROMPT_INJECTION]: The skill implements a self-improving 'learnings' mechanism through reading and writing to 'references/learnings.md'. This presents a vulnerability to indirect prompt injection where untrusted data could be persisted as future instructions. * Ingestion points: The agent is instructed to read 'references/learnings.md' at the beginning of each session (Step 1). * Boundary markers: The skill body contains no instructions to treat the learned content as untrusted or to ignore embedded instructions within the file. * Capability inventory: The skill possesses routing capabilities to other specialized skills and provides extensive guidance for managing advertising campaigns via the NextRoll API. * Sanitization: There is no logic provided to validate or sanitize user-provided information before it is appended to the learnings file or after it is retrieved.
[SAFE]: The skill references an installation command for 'sales-skills/sales'. This resource is managed by the same author ('sales-skills') and is part of the legitimate functionality of the skill ecosystem.
[SAFE]: References to the NextRoll API (api.nextroll.com) are documented neutrally. This is a well-known service associated with the AdRoll platform and the usage is consistent with the skill's stated purpose.

sales-adroll