churn-prevention

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
NO_CODE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [NO_CODE]: The skill is entirely documentation-based, consisting of Markdown files that provide strategic guidance and templates. No scripts, binaries, or executable code are included in the skill package.
  • [EXTERNAL_DOWNLOADS]: The documentation references several well-known and trusted third-party services for billing and analytics (e.g., Stripe, Chargebee, PostHog, Mixpanel, and Customer.io). These references are informational and do not involve automated or unverified software downloads.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection: it instructs the agent to ingest and process untrusted user data, such as cancellation reasons or survey feedback, and to interpolate that data into generated outputs like UI designs and dunning emails.
      • Ingestion points: Context gathering in SKILL.md and user survey responses detailed in references/cancel-flow-patterns.md.
      • Boundary markers: The instructional templates provide no delimiters around user data and no instructions to ignore commands embedded in it.
      • Capability inventory: The skill is purely instructional and lacks direct execution capabilities such as subprocess calls or file-writing scripts.
      • Sanitization: There are no explicit instructions for the agent to sanitize or escape user-provided strings before they are rendered in the final communication templates.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 27, 2026, 09:19 PM