list-affitor-program

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFE | PROMPT_INJECTION | DATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface by processing untrusted data from the web.
    * Ingestion points: Data retrieved via web search from official affiliate pages and pricing pages (SKILL.md Step 2).
    * Boundary markers: The skill does not define explicit delimiters or instructions to ignore embedded commands within the retrieved web content.
    * Capability inventory: The skill has capabilities to perform web searches and execute authenticated POST requests to an external API (SKILL.md Step 7).
    * Sanitization: The skill relies on manual agent-led validation checks (Step 8) rather than technical sanitization or filtering of external input.
  • [DATA_EXFILTRATION]: The skill transmits research results and user-provided links to the vendor API at https://list.affitor.com/api/v1/programs. This is a legitimate vendor resource from the author 'Affitor' used for the skill's primary purpose.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 20, 2026, 07:33 AM