web-scraping-python
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The script "scripts/new_scraper.py" generates a scraper by substituting user-provided parameters (scraper name and target URL) into a predefined Python template. It also marks the resulting file as executable using "chmod 0o755". While intended for scaffolding, this creates a potential surface for local code injection in the generated script if the input parameters are not properly sanitized.
- [PROMPT_INJECTION]: The skill focuses on scraping and processing content from external websites, creating a surface for Indirect Prompt Injection. Malicious instructions hidden in a target website's HTML could potentially influence the behavior of an agent processing the scraped data.
  - (1) Ingestion points: Network responses from target URLs.
  - (2) Boundary markers: None implemented in the generated scraper templates.
  - (3) Capability inventory: File system access (CSV writing) and network operations (fetching URLs).
  - (4) Sanitization: The skill emphasizes structural data cleaning but does not specifically implement sanitization to prevent the interpretation of data as instructions.
- [EXTERNAL_DOWNLOADS]: The skill provides tools for fetching content from arbitrary external URLs. While this is the core functionality of a web scraper, it involves interacting with and processing data from untrusted third-party servers.