The Agent Skills Directory

[SAFE]: The skill provides documentation and actionable guidance for the SparkLoop platform. It uses official API references and established workflows for email service provider (ESP) integrations. All external links point to official SparkLoop documentation or GitHub repositories belonging to the vendor or trusted services.
[PROMPT_INJECTION]: The skill includes a feature to append and read from references/learnings.md to accumulate knowledge over time. While this technically creates a surface for indirect prompt injection (Category 8) by allowing user-influenced data to be persisted into the agent's context in future sessions, it is a standard design pattern for self-improving agents. Given the lack of dangerous capabilities or automated tool execution, this is assessed as safe.
Ingestion points: The file references/learnings.md is read at the start of every session (Step 1).
Boundary markers: None; the content of the learnings file is incorporated directly into the instructions.
Capability inventory: The skill instructions recommend reading/writing to local files; no subprocess tools, shell access, or dynamic network capabilities are defined in the frontmatter.
Sanitization: No validation is performed on the 'gotchas' or tips the agent appends to the file, but this is consistent with the skill's role as a documentation helper.

sales-sparkloop