The Agent Skills Directory

[EXTERNAL_DOWNLOADS] (LOW): The skill requires the use of an external MCP server endpoint at 'https://rube.app/mcp'. While this is the standard endpoint for the 'rube' toolkit, the domain is not included in the trusted external sources whitelist.- [PROMPT_INJECTION] (LOW): The skill presents an Indirect Prompt Injection surface. * Ingestion points: Untrusted data is ingested from PostHog via 'POSTHOG_LIST_AND_FILTER_PROJECT_EVENTS' and 'POSTHOG_RETRIEVE_FEATURE_FLAG_DETAILS'. * Boundary markers: None are defined in the skill instructions to separate data from instructions. * Capability inventory: The skill possesses capabilities to modify project state, such as 'POSTHOG_CREATE_FEATURE_FLAGS_FOR_PROJECT'. * Sanitization: No evidence of sanitization or filtering of external event data is present, which could allow malicious content in PostHog logs to influence agent behavior.

posthog-automation