The Agent Skills Directory

[SAFE]: The analyzed skill is an instructional guide for the Mailmo platform. All mentioned tools and workflows, such as the LinkedIn Chrome extension and bulk verification, are standard features of the service.
[COMMAND_EXECUTION]: The skill references an installation command npx skills add sales-skills/sales to help users discover related tools. This command points to the vendor's own repository (sales-skills) and represents standard product documentation rather than a malicious execution vector.
[INDIRECT_PROMPT_INJECTION]: The skill uses references/learnings.md to store and retrieve accumulated knowledge across sessions. While this creates a surface for indirect prompt injection where untrusted user input could potentially be persisted and later interpreted as instructions, this is a common and intended design pattern for providing agents with long-term memory and does not exhibit malicious behavior in this implementation.

sales-mailmo