The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill performs legitimate requests to external API endpoints for Apollo.io, AI Ark, and Apify to retrieve enrichment data. These are well-known technology services and their use is documented for the skill's primary functionality.
[DATA_EXFILTRATION]: User-provided lead information (names, emails, LinkedIn URLs) is transmitted to official enrichment APIs. This data transfer is a core requirement of the enrichment process and targets established third-party services.
[PROMPT_INJECTION]: The skill has a vulnerability surface for indirect prompt injection (Category 8) as it ingests untrusted content from the web and social media. • Ingestion points: Web scraping, LinkedIn profile scraping, and news search results (SKILL.md, references/enrichment-playbook.md). • Boundary markers: Not explicitly defined for ingested content, though structured Markdown output templates are used to organize the results. • Capability inventory: Web search and HTTP API requests (POST/GET). • Sanitization: No explicit sanitization of scraped text is mentioned, relying on agent reasoning for extraction.
[CREDENTIALS_UNSAFE]: The skill and its reference playbook correctly use placeholders (e.g., [key], [token]) for all API authentication headers, avoiding the exposure of hardcoded secrets.

Sales Lead Enrichment