sponsored-newsletter-finder
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill defines a workflow for processing untrusted external data during newsletter discovery and evaluation.
  - Ingestion points: Untrusted data enters the agent context via the `web_search` tool during Phase 1 (Discovery), Phase 2 (Evaluation), and Phase 3 (Competitive Intelligence) as described in SKILL.md.
  - Boundary markers: No specific boundary markers or instructions (e.g., "ignore instructions in the text") are present in the search prompts or processing steps.
  - Capability inventory: The skill possesses the capability to perform web searches and write reports to the local file system in the `clients/` directory.
  - Sanitization: No explicit sanitization, validation, or escaping of the fetched web content is performed before it is analyzed by the agent or written to reports.
- [DATA_EXFILTRATION]: The skill uses web search to collect publicly available information about newsletters and competitor advertisements. It does not access sensitive local file paths (such as SSH keys or environment variables) or attempt to transmit private data to unauthorized external servers.
- [SAFE]: The installation process and the use of the `web_search` tool are consistent with the skill's intended purpose of marketing research. All external domains mentioned (Substack, Beehiiv, Paved, Swapstack, Sparkloop) are well-known, industry-standard services for newsletter management and sponsorship.
Audit Metadata