lead-gen

Warn

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: MEDIUM
Findings: CREDENTIALS_UNSAFE, PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [CREDENTIALS_UNSAFE]: The script scripts/research_leads.py reads a Gemini API key from a local configuration file at references/credentials.md. Handling secrets in plain-text files is a high-risk practice.
  • [PROMPT_INJECTION]: The skill is vulnerable to direct prompt injection. User-provided values for region and category are directly interpolated into the LLM prompt in scripts/research_leads.py within the build_prompt function. A malicious user could provide input designed to override the agent's instructions and manipulate the AI's behavior.
  • [COMMAND_EXECUTION]: The skill's workflow in SKILL.md involves executing local Python scripts using the Bash tool. These commands include variables like <region> and <category> that are derived from user input, which can be a vector for command injection if not properly handled by the agent environment.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes untrusted data from the public web via Google Search grounding.
      • Ingestion points: Company information and contact details are retrieved from external websites by the Gemini API and passed back into the skill's logic in scripts/research_leads.py.
      • Boundary markers: While the prompt requests data in a structured JSON format, there are no explicit boundary markers or instructions to the AI to ignore potentially malicious content found on the crawled websites.
      • Capability inventory: The skill has the ability to write files to the user's filesystem (generate_leads_xlsx.py) and execute shell commands (SKILL.md).
      • Sanitization: The skill parses the AI's response using json.loads, but it does not perform textual sanitization or validation on the company data before it is written to the final Excel report.
  • [EXTERNAL_DOWNLOADS]: The skill references an external dependency scripts/xlsx/recalc.py which is not provided within the skill's own directory. This represents an unverifiable script dependency that is required for certain optional features.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 27, 2026, 07:05 PM