posthog-automation
Warn
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructions direct users to connect to a third-party MCP server at 'https://rube.app/mcp'. This server provides the tool definitions and execution environment for the PostHog automation. As this endpoint is not hosted by the official PostHog service or a widely recognized technology provider, the security of the operations depends entirely on the reliability of the third-party infrastructure.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it reads and processes external data from PostHog analytics.
  - Ingestion points: Tools such as 'POSTHOG_LIST_AND_FILTER_PROJECT_EVENTS' fetch event names and properties from the PostHog API (SKILL.md).
  - Boundary markers: There are no defined delimiters or instructions to treat fetched event data as untrusted content.
  - Capability inventory: The skill allows the agent to modify feature flags, capture events, and list project configurations (SKILL.md).
  - Sanitization: There is no evidence of filtering or validation to prevent instructional text embedded in event properties from influencing the agent's behavior.
Audit Metadata