The Agent Skills Directory

[Indirect Prompt Injection] (LOW): The skill defines workflows that ingest and process external data from Klaviyo, such as campaign messages and descriptions. This represents an attack surface where an attacker could embed malicious instructions in email or SMS content to influence the agent's behavior.
Ingestion points: Klaviyo tool outputs from KLAVIYO_GET_CAMPAIGN_MESSAGE and KLAVIYO_GET_CAMPAIGN.
Boundary markers: None provided in the instructions to separate data from instructions.
Capability inventory: No local scripts provided; capabilities are limited to the tools provided by the referenced MCP server.
Sanitization: No content sanitization or escaping mechanisms are defined in the workflows.
[Unverifiable Dependencies] (SAFE): The skill references an external MCP server (https://rube.app/mcp) and documentation (https://composio.dev/toolkits/klaviyo). While these are not on the established trusted sources list, they are presented as the primary infrastructure for the skill's intended purpose and do not involve immediate code execution or downloads.
[No Code Implementation] (SAFE): This skill consists entirely of documentation and metadata to guide an LLM in using external tools. It does not include Python scripts, Node.js packages, or shell commands that could be executed on the host system.

klaviyo-automation