zhihu-search-api-skill

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXPOSURE]: The skill utilizes the BROWSERACT_API_KEY environment variable to authenticate with the BrowserAct API. This is a standard and secure method for managing API credentials.
  • [EXTERNAL_DOWNLOADS]: The scripts/zhihu_search_api.py script makes HTTP POST and GET requests to api.browseract.com to initiate and retrieve search results. These operations are essential for the skill's search functionality.
  • [PROMPT_INJECTION]: The skill retrieves and displays full article content from Zhihu, representing a surface for indirect prompt injection.
    1. Ingestion points: Article titles and body content are fetched in scripts/zhihu_search_api.py and printed to the console.
    2. Boundary markers: The script outputs the result string directly without specific boundary delimiters (e.g., XML tags) for the agent.
    3. Capability inventory: The skill is limited to making network requests to the vendor's API and printing text; it does not perform sensitive file operations or arbitrary command execution based on the data.
    4. Sanitization: No explicit sanitization or filtering of the retrieved web content is performed before it is output.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 30, 2026, 02:30 PM