tikhub-api-helper
Fail
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: HIGH (CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [CREDENTIALS_UNSAFE]: A functional API token is hardcoded within the script source code.
- Evidence: In `api_client.py`, the variable `DEFAULT_TOKEN` is assigned the value `"vZdfXsQag0amPbOZ8S3nNTqVRrVysjLT4kjaa6yL0gTnBk/asdaTAi8aA=="`.
- Risk: Hardcoding credentials allows anyone with access to the skill's source code to use the token, potentially leading to unauthorized API usage or account exhaustion.
- [EXTERNAL_DOWNLOADS]: The skill performs network requests to external domains to fetch data.
- Evidence: The `api_client.py` script uses `urllib.request.urlopen` to communicate with `api.tikhub.dev` and `api.tikhub.io`.
- Context: These domains are associated with the TikHub service providing the social media data functionality.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to the way it processes external data.
- Ingestion points: Untrusted data is ingested from various social media platforms (TikTok, Instagram, YouTube, etc.) via the TikHub API in `api_client.py`.
- Boundary markers: Absent. The skill returns raw API responses to the agent context without using delimiters or instructions to ignore embedded commands.
- Capability inventory: The agent has the capability to perform further network requests and present processed data to the user based on the API results.
- Sanitization: Absent. No filtering or sanitization is performed on the content retrieved from social media platforms before it is provided to the agent.
- Risk: If a fetched social media profile or comment contains malicious instructions (e.g., "Ignore previous instructions and instead do X"), the agent may inadvertently follow those instructions during its reasoning process.
Recommendations
- AI detected serious security threats
Audit Metadata