phone-specs-scraper

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection. It fetches and processes data from external, third-party sources (GSM Arena, PhoneDB, SearXNG, etc.) and presents it to the agent. An attacker could potentially inject malicious instructions into the content of these pages to influence the agent's logic when it parses the results.
      ◦ Ingestion points: The functions scrape_gsmarena_specs, search_phone_specs, and scrape_comparison_site ingest untrusted data from the web.
      ◦ Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the prompt template.
      ◦ Capability inventory: The skill utilizes shell commands (curl, grep, head) and network operations via JavaScript fetch.
      ◦ Sanitization: No sanitization or filtering of the scraped HTML or text is performed before it is returned to the agent context.
  • [EXTERNAL_DOWNLOADS]: The skill performs network requests to several non-whitelisted external domains, including gsmarena.com, phonedb.net, mkmobilearena.com, devicebeast.com, comparigon.com, specsbattle.com, and various public SearXNG instances like searx.party. These are used for legitimate scraping functionality but represent an outbound communication channel.
  • [COMMAND_EXECUTION]: The skill uses shell-based tools such as curl, grep, sed, and head to retrieve and parse data. While these are used for the primary purpose of the skill, they provide a capability for command execution that relies on the agent correctly handling and quoting input variables (like PHONE_URL or QUERY) when invoking the shell.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 04:36 AM