research
Warn
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: MEDIUM
Findings: DATA_EXFILTRATION, PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [DATA_EXFILTRATION]: The skill accesses sensitive internal configuration files containing personally identifiable information (PII). Evidence: In SKILL.md, the instructions require reading ${PAI_DIR}/.claude/skills/CORE/SKILL.md. Context: This file is stated to contain a 'Complete contact list and team members' and 'Voice IDs', which are unnecessary for the primary function of performing web research. Risk: Loading this sensitive context prior to sending research queries to external third-party APIs (Perplexity, Claude, Gemini) creates a risk of unintended data exposure or exfiltration.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. Ingestion points: research results gathered from external agents that crawl the live web. Boundary markers: none identified in the synthesis step of workflows/conduct.md. Capability inventory: the agent can write to the file system and orchestrate further sub-agents. Sanitization: no sanitization or validation of the ingested external content is performed before it is processed and synthesized into the final report.
- [COMMAND_EXECUTION]: Implements massive parallel orchestration by launching up to 24 sub-agents simultaneously using the Task tool for high-speed information gathering.
- [EXTERNAL_DOWNLOADS]: Fetches and processes data from well-known services and specialized tools, including the Brightdata search and scraping suite, and the Perplexity, Claude, and Gemini research APIs.