The Agent Skills Directory

[REMOTE_CODE_EXECUTION]: The skill provides instructions to download and execute a script from a remote server using a high-risk pattern.
Evidence: The 'Get started' section in SKILL.md contains the command curl -s "https://code.deepline.com/api/v2/cli/install" | bash to install the required CLI tool.
[COMMAND_EXECUTION]: The skill executes multiple shell commands and local scripts.
Evidence: Extensive use of the deepline CLI throughout SKILL.md for data enrichment and tool execution.
Evidence: Use of run_javascript:@$WORKDIR/expand_nicknames.js in SKILL.md to execute local code for name expansion.
[EXTERNAL_DOWNLOADS]: The skill interacts with various third-party APIs to resolve and verify LinkedIn profiles.
Evidence: Network requests are documented for Apollo (api.apollo.io), Google Custom Search (googleapis.com), Exa (api.exa.ai), PeopleDataLabs (api.peopledatalabs.com), and Apify in references/provider-playbook.md.
[PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to the processing of external data without sanitization.
Ingestion points: Input data is read from contacts.csv as shown in several deepline enrich examples in SKILL.md.
Boundary markers: No explicit markers or instructions are present to prevent the agent from following instructions embedded within the CSV data.
Capability inventory: The skill can make network requests to multiple providers, execute the deepline CLI, and run local JavaScript.
Sanitization: There is no evidence of input validation or escaping for the data read from the CSV before it is interpolated into command payloads using templates like {{First Name}} and {{Company}}.

linkedin-url-lookup