The Agent Skills Directory

Data Exposure & Exfiltration (LOW): The skill is configured to upload generated news digests to an external, non-whitelisted endpoint (https://transilience--s3-file-upload-fastapi-app-dev.modal.run/upload_s3). This establishes a pattern of sending agent-processed data to an unverified third-party infrastructure. While the current content is public news, this destination is not a trusted source and could serve as an exfiltration point for user context or intent.
Indirect Prompt Injection (LOW): The skill processes content from 15 external websites, creating a vulnerability surface where malicious instructions embedded in news headlines could influence agent behavior.
Ingestion points: 15 business news domains (e.g., Bloomberg, Reuters, WSJ) mentioned in README.md and SKILL.md.
Boundary markers: Absent; no specific instructions are provided to the coordinator or specialized scrapers to ignore instructions within the scraped data.
Capability inventory: Sub-agent orchestration (spawning 5 scrapers), local file writes to /tmp/, and network POST operations to the Modal endpoint.
Sanitization: No evidence of sanitization or escaping of external content is present in the provided instructions.

business-news-research-coordinator