The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill requires cloning the engine from an external GitHub repository (https://github.com/OranAi-Ltd/oransim.git). This is an unverifiable source as the organization is not recognized as a trusted vendor.
[DYNAMIC_EXECUTION]: The simulation engine utilizes pickle.load() to deserialize a local model file (models/lgbm_quantile_baseline.pkl). This is a known security risk as deserializing untrusted pickle data can lead to arbitrary code execution on the host system.
[COMMAND_EXECUTION]: The skill instructions involve executing shell commands such as pip install, git clone, and uvicorn to set up and run the simulation environment.
[INDIRECT_PROMPT_INJECTION]: The skill processes untrusted campaign data (creatives, KOL lists) which is passed to LLM agents, creating an injection surface. 1. Ingestion points: Campaign JSON payloads at the /api/predict endpoint and AgentSociety initialization. 2. Boundary markers: No explicit delimiters or instructions are used to separate untrusted content from agent instructions. 3. Capability inventory: The skill has the capability to perform network operations to external LLM providers. 4. Sanitization: No sanitization or validation of the creative content is described before it is processed by the virtual consumer agents.

oransim-causal-marketing-twin