analytics-expert

Warn

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill recommends installing an external plugin from an untrusted GitHub repository (github.com/coreyhaines31/marketingskills). Recommending or facilitating the installation of third-party code from unknown sources can introduce malicious behavior into the agent's environment.
  • [DATA_EXFILTRATION]: The instructions direct the agent to proactively scan the project for environment variables, API endpoints, and sensitive documentation (e.g., .agents/SYSTEM/ARCHITECTURE.md). Accessing environment variables is a common technique for harvesting secrets, credentials, and configuration data.
  • [PROMPT_INJECTION]: The skill is designed to ingest data from external analytics platforms and user-generated content (comments, engagement data). This creates a surface for indirect prompt injection attacks where malicious instructions hidden in the data could influence the agent's behavior during report generation.
      • Ingestion points: Analytics platform metrics, engagement data (comments, likes), and conversion data.
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the processing logic.
      • Capability inventory: File system scanning, environment variable access, and content generation.
      • Sanitization: The skill lacks data validation or sanitization steps for the ingested external metrics and metadata.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 22, 2026, 07:31 AM