The Agent Skills Directory

[PROMPT_INJECTION]: No malicious injection patterns or attempts to override system safety guidelines were detected. The instructions are clearly bounded within a professional marketing audit context.
[DATA_EXFILTRATION]: The skill does not perform any network operations or access sensitive system files. It requests client-provided marketing data for the purpose of generating a report, but lacks the capability to transmit this data externally.
[REMOTE_CODE_EXECUTION]: There are no patterns involving the download or execution of remote scripts. No package installation commands (npm, pip) or shell executions are present.
[COMMAND_EXECUTION]: No shell commands or subprocess calls are defined in the skill. The workflow is entirely based on text processing and reasoning.
[OBFUSCATION]: All content is in plain text. No Base64, hex encoding, or zero-width character obfuscation was found.
[CREDENTIALS_UNSAFE]: No hardcoded API keys, tokens, or secrets are present. The skill correctly advises users to manage their own budget and tool access through standard payment methods.
[INDIRECT_PROMPT_INJECTION]: While the skill ingests untrusted user data (client business details and goals), it lacks any executable capabilities (file writing, network access, or shell execution) that could be exploited by such data. The risk of indirect injection triggering malicious actions is negligible.

meta-ai-tools-audit