The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill communicates with several external APIs to fulfill its primary purpose. It connects to 'api.extruct.ai' (vendor-owned infrastructure) to retrieve contact tables, and 'api.fullenrich.com' or 'api.prospeo.io' (well-known enrichment services) to search for verified contact information. These interactions are consistent with the skill's stated functionality.
[CREDENTIALS_UNSAFE]: The skill workflow manages the 'EXTRUCT_API_TOKEN' environment variable and explicitly requests third-party API keys for Prospeo and Fullenrich from the user. It includes instructions for users to set these credentials manually and perform validation checks before proceeding. No hardcoded secrets or sensitive keys are present in the skill files.
[COMMAND_EXECUTION]: The skill uses standard shell commands such as 'test', 'echo', and 'export' to verify environment variables and guide the user through setting up necessary API tokens. These operations are limited to environment preparation and do not involve executing arbitrary code or downloading external scripts.
[DATA_EXFILTRATION]: The skill reads contact information (names, LinkedIn URLs, domains) from local CSV files or the Extruct API and transmits this data to the user-selected enrichment provider. This data transfer is the core intended purpose of the skill and is clearly documented in the workflow steps.
[PROMPT_INJECTION]: The skill instructions do not contain patterns typical of prompt injection, such as attempts to override system instructions, bypass safety filters, or extract system prompts.

email-search