The Agent Skills Directory

[PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface via external data ingestion. 1. Ingestion points: Bird tool reads tweets, mentions, and search results. 2. Boundary markers: No delimiters or safety instructions are provided to separate external content from agent logic. 3. Capability inventory: Postiz API network access and local memory file writes. 4. Sanitization: No sanitization or escaping logic is defined for external data.
[CREDENTIALS_UNSAFE] (LOW): Hardcoded integration ID (cmldj0s1202ddom0y2fugxsxb) is present in the skill instructions.
[SAFE] (INFO): The skill implements a robust safety control requiring manual approval for every outbound action, which significantly reduces the impact of potential injection attacks.

larry-experiments