The Agent Skills Directory

Indirect Prompt Injection (SAFE): The skill ingests data from feature_list.json and parses natural language or Gherkin instructions to drive browser behavior. While this represents a surface for untrusted data to influence agent actions, the risk is mitigated by the skill's primary purpose and its use of a strictly defined action whitelist.
Ingestion points: feature_list.json (loaded in scripts/e2e_tester.py) and natural language strings processed by scripts/acceptance_parser.py.
Boundary markers: None present; instructions are treated as authoritative for the verification process.
Capability inventory: Browser automation (navigation, interaction, screenshots) via Playwright. Scripts are restricted to a predefined list of actions (goto, click, fill, type, press, select, wait, assert).
Sanitization: Input actions are normalized to lowercase and validated against an if/elif whitelist in scripts/browser_controller.py, preventing execution of arbitrary browser methods.
External Downloads (SAFE): The skill references the playwright library. While this is an external dependency, it is a standard tool for E2E testing maintained by a trusted organization (Microsoft), and the skill does not attempt to install packages or download remote scripts at runtime.

browser-e2e-tester