gtm-meta-skill

Fail

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: HIGH
REMOTE_CODE_EXECUTION, CREDENTIALS_UNSAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill explicitly instructs users to install and update the system by piping a remote script directly to a shell environment: curl -s "https://code.deepline.com/api/v2/cli/install" | bash. This pattern allows the remote server to execute arbitrary code on the user's system without prior inspection or verification of the script content.
  • [CREDENTIALS_UNSAFE]: The scripts/clay-extract.py tool directs users to copy raw cURL commands from their browser's network tab to provide access to the Clay platform. The script programmatically extracts the claysession cookie and persists it to a local JSON file. This practice bypasses secure credential management and encourages users to handle sensitive session identifiers that could be stolen or misused.
  • [COMMAND_EXECUTION]: The skill makes extensive use of the run_javascript tool and shell-based scripts to process GTM data. These execution environments have access to the local filesystem and network, and they process data retrieved from various third-party GTM providers, creating a broad surface for command injection if malicious payloads are returned by a provider.
  • [EXTERNAL_DOWNLOADS]: The skill's architecture involves downloading components and configurations from the developer's remote infrastructure. An automated security scan has flagged these sources as untrusted, particularly when the downloaded content is piped directly into execution tools.
  • [PROMPT_INJECTION]: The skill processes large datasets from CSV files and external APIs (such as Apollo, Crustdata, and Exa) and interpolates this content into prompts for the deeplineagent tool. As documented in enriching-and-researching.md and writing-outreach.md, there is no evidence of robust sanitization or strict boundary markers to prevent malicious instructions embedded in the processed data from influencing the agent's behavior (indirect prompt injection).
Recommendations
  • HIGH: Downloads and executes remote code from: https://code.deepline.com/api/v2/cli/install - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 17, 2026, 12:30 AM