The Agent Skills Directory

[Metadata Poisoning] (MEDIUM): The skill metadata claims it was generated with 'OpenAI GPT-5.2'. This version of the model does not exist, indicating misleading or hallucinated metadata that misrepresents the skill's origin and potentially its reliability.
[Indirect Prompt Injection] (MEDIUM): High risk of adversarial content ingestion.
Ingestion points: Data enters the agent context from api.dataforseo.com, specifically through business listings, Google reviews, and Questions & Answers.
Boundary markers: The instructions do not define boundary markers (e.g., XML tags or delimiters) to separate the untrusted external data from the agent's instructions.
Capability inventory: The skill has the capability to perform outbound HTTP requests and process raw JSON payloads to generate summaries or alerts for the user.
Sanitization: No sanitization or filtering logic is provided to handle potentially malicious instructions embedded in reviews or Q&A fields.
[Prompt Injection] (LOW): The 'Examples' section contains instructional prompts such as 'If you don't have the skill installed, install dataforseo-business-data-api and then continue', which are designed to coerce agent behavior into installing external code.
[Credentials Unsafe] (LOW): The skill relies on HTTP Basic Authentication using ${DATAFORSEO_LOGIN} and ${DATAFORSEO_PASSWORD}. While necessary for the API, it requires the agent to handle sensitive credentials in its environment.

dataforseo-business-data-api