Agent Browser
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the `agent-browser` CLI to perform browser automation tasks.
- [EXTERNAL_DOWNLOADS]: The CLI tool is downloaded from the NPM registry and cloned from the Vercel Labs GitHub repository, both of which are trusted sources.
- [REMOTE_CODE_EXECUTION]: The `eval` command enables arbitrary JavaScript execution within the headless browser environment, which is an expected capability for web automation.
- [CREDENTIALS_UNSAFE]: The tool includes functionality to save and load browser session states (cookies and tokens) and configure basic authentication credentials.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface.
  1. Ingestion points: Untrusted data enters the agent context through `snapshot` and `get` commands.
  2. Boundary markers: No explicit delimiters or instructions are used to isolate ingested web content.
  3. Capability inventory: The tool possesses `click`, `fill`, `eval`, and `network` interaction capabilities.
  4. Sanitization: There is no documented sanitization of content retrieved from external websites before processing.
Audit Metadata