content-engine
Warn
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute a local Python script `campaign-tracker.py` using the command `python campaign-tracker.py --brand {slug} --action list-campaigns`. This script is not provided within the skill's file list, making its behavior unverifiable and potentially dangerous if a malicious version is present on the host system.
- [DATA_EXFILTRATION]: The skill accesses business-sensitive marketing profiles and brand guidelines located at `~/.claude-marketing/brands/{slug}/profile.json`. Reading from paths in the user's home directory without restricted scope poses a risk of exposing private organizational data.
- [PROMPT_INJECTION]: The skill reads external JSON and markdown files (profiles and guidelines) and incorporates their content directly into the agent's context. There is a lack of boundary markers or sanitization, which creates a surface for indirect prompt injection if those external files are compromised or contain malicious instructions.
- [NO_CODE]: Several reference files mentioned in the instructions, such as `skills/context-engine/compliance-rules.md`, `industry-profiles.md`, and `platform-specs.md`, are missing from the provided skill package, leading to broken functionality and potential fallback to unsafe behaviors.