The Agent Skills Directory

[SAFE]: The skill consists of markdown-based instructions for a 'Digital Communication Director' persona. It provides guidelines for content adaptation and reporting without including any executable scripts or hidden logic.
[PROMPT_INJECTION]: The skill does not contain any attempts to override system prompts, bypass safety filters, or use 'jailbreak' techniques. The instructions are aligned with its stated purpose of social media orchestration.
[DATA_EXFILTRATION]: No hardcoded credentials (API keys, tokens, or passwords) or unauthorized network requests were detected. The mentioned integrations (Instagram, Telegram, WhatsApp Cloud API) are presented as conceptual tool references rather than embedded credentials.
[COMMAND_EXECUTION]: There are no shell commands, system calls, or subprocess executions within the provided file.
[REMOTE_CODE_EXECUTION]: The skill does not download or execute external scripts. The tools listed in the frontmatter (such as claude-code, cursor, and gemini-cli) are standard developer tools and IDEs.
[INDIRECT_PROMPT_INJECTION]: While the skill defines workflows that ingest user-provided content (/Publish_All), it functions as a prompt template rather than a script that performs unsafe interpolation. The risk of processing untrusted data is inherent to the LLM's general operation and not specifically escalated by this skill's logic.

social-orchestrator