The Agent Skills Directory

[PROMPT_INJECTION]: The skill's instructions are focused on routing and executing SEO workflows. There are no attempts to bypass safety filters or override the agent's core instructions.
[DATA_EXFILTRATION]: The skill manages its business profile, memory, and reports in the ~/.nimble/ directory. It does not access sensitive system files (like SSH keys or AWS credentials). Network operations are performed through the nimble CLI and gh CLI for their intended purpose of SEO research.
[EXTERNAL_DOWNLOADS]: The skill provides instructions for installing the official @nimbleway/cli tool from the NPM registry. This is a trusted vendor-provided tool necessary for the skill's functionality.
[COMMAND_EXECUTION]: Shell commands are appropriately scoped to the nimble, gh, and standard utilities (jq, python3) for data processing and CLI interaction. No dangerous or arbitrary command execution patterns were found.
[INDIRECT_PROMPT_INJECTION]: The skill processes untrusted web data. It mitigates risk by using specialized sub-agents with strict prompts (e.g., ai-visibility-agent-prompt.md) that enforce structured JSON output and prohibit the sub-agent from interpreting or acting on the ingested content.
[PERSISTENCE]: Persistence is handled via a structured wiki-style memory system located in the user's home directory (~/.nimble/memory/). It does not use shell profiles, cron jobs, or other hidden persistence mechanisms.

seo-intel