The Agent Skills Directory

[SAFE]: No malicious patterns or security vulnerabilities were identified. The skill focuses on improving the security posture of integrations through implementation guides.
[COMMAND_EXECUTION]: Provides defensive auditing commands using grep and git log to detect accidentally committed credentials in project history, as well as curl commands for local testing of webhook endpoints.
[EXTERNAL_DOWNLOADS]: Recommends well-known, official SDKs for AWS, Google Cloud, and Customer.io to ensure secure data handling and credential management.
[PROMPT_INJECTION]: While the skill involves processing untrusted data from webhooks, it follows best practices for indirect prompt injection mitigation by providing explicit instructions and code for HMAC-SHA256 signature verification, PII hashing, and attribute sanitization (Category 8 analysis).

customerio-security-basics