import-template

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is designed to ingest and process user-provided template content ('Template content: Pasted template structure...'). This creates a surface for Indirect Prompt Injection, where a malicious template could contain instructions that influence the agent's behavior when the template is later applied during command execution.
  • [DATA_EXFILTRATION]: The skill accesses sensitive directory paths such as ~/.claude-marketing/ to load brand profiles, active brand slugs, and existing guidelines. While the usage is consistent with the skill's purpose for a marketing agent, accessing home directory subfolders is a sensitive operation.
  • [COMMAND_EXECUTION]: The skill uses a local script guidelines-manager.py to perform template operations ('guidelines-manager.py --brand {slug} --action save-template --name {name}'). It also performs direct file writes to ~/.claude-marketing/brands/{slug}/templates/{name}.md. This involves executing subprocesses and modifying the local filesystem based on user-provided names and content.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 1, 2026, 01:18 AM