marketing-email
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill logic is confined to marketing strategic planning and copywriting. It performs routine filesystem operations to read local brand context and save marketing deliverables. No unauthorized network requests, hardcoded credentials, or privileged command executions were found.
- [PROMPT_INJECTION]: The skill features an indirect prompt injection surface as it is designed to ingest and audit untrusted data from external URLs and local brand documentation.
  1. Ingestion points: Brand workspace files and user-provided live URLs for site audits (SKILL.md sections 0 and 15).
  2. Boundary markers: Absent; the instructions do not specify delimiters to separate external content from system instructions.
  3. Capability inventory: The skill is capable of writing files to the local directory at ./brands/{brand-slug}/content/email/.
  4. Sanitization: Absent; no validation or escaping of external content is described.

  This surface is considered an inherent part of the skill's primary marketing audit function.