user-onboarding

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill defines agent behavior and positioning for user onboarding. It uses standard platform features like scheduled_task and a pseudo-function memory to manage user sessions and automation.
  • [DATA_EXPOSURE]: The skill instructions involve accessing sensitive data such as Gmail inboxes, Twitter feeds, and private databases. However, these operations are directed through authorized platform integrations (e.g., Composio) and are intended for legitimate user automation tasks. No unauthorized exfiltration or hardcoded credentials were detected.
  • [INDIRECT_PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from external sources.
      • Ingestion points: 'Step 3' involves reading Gmail content, Twitter posts, and user-provided raw materials for report generation.
      • Boundary markers: There are no explicit instructions to use delimiters or ignore embedded commands within the fetched external data.
      • Capability inventory: The agent has access to scheduled_task for persistence and the ability to generate/execute code ('build a small tool', 'run one quick query').
      • Sanitization: The instructions lack specific sanitization or validation steps for content retrieved from APIs or user inputs.
  • [SAFE]: The URL community.iamstarchild.com is a vendor-owned resource belonging to the skill author (Starchild-ai-agent) and is used for legitimate deployment demonstrations.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 7, 2026, 02:53 AM