sales-proposal-page
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates entirely within the parameters of a content-generation assistant. It does not execute unauthorized commands, perform hidden network operations, or utilize obfuscation to mask intent.
- [PROMPT_INJECTION]: The skill is designed to handle untrusted user data to customize proposals.
  - (1) Ingestion points: User-provided responses to discovery questions in SKILL.md.
  - (2) Boundary markers: The skill promotes the use of {{token}} syntax to delimit variable fields.
  - (3) Capability inventory: Reads and appends to local reference files and generates JSON payloads for external use.
  - (4) Sanitization: The use of templated placeholders isolates user input from the structure of the proposal, mitigating the risk of embedded instructions affecting the agent's logic.
- [DATA_EXFILTRATION]: The skill references the official Qwilr API (api.qwilr.com) for instructional purposes. It does not attempt to access sensitive local files (e.g., .ssh, .aws) or hardcode authentication secrets; instead, it correctly points users toward standard Bearer token usage for legitimate API interaction.
Audit Metadata