Scraping

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes curl commands via the bash tool to send notifications to a local service (http://localhost:8888/notify) upon invocation. This is a mandatory step in its workflows to provide voice notifications.
  • [EXTERNAL_DOWNLOADS]: The skill depends on the apify-client Node.js package and interacts with the official APIs of Apify (api.apify.com) and Bright Data (api.brightdata.com). These are well-known technology services used for the skill's intended scraping functionality.
  • [PROMPT_INJECTION]: The skill is designed to ingest and process arbitrary content from external websites, creating a surface for Indirect Prompt Injection.
    • Ingestion points: Any URL provided by the user is processed through multiple tiers, including standard fetch, custom curl, browser automation (Playwright), and the Apify platform (Apify/index.ts, BrightData/Workflows/FourTierScrape.md).
    • Boundary markers: While documentation encourages filtering data in code before returning it to the model, the workflows lack explicit boundary markers or 'ignore' instructions for the data being fetched.
    • Capability inventory: The skill has access to the bash tool (for curl), local network access, and the capability to read and apply user customization files from ~/.claude/PAI/USER/SKILLCUSTOMIZATIONS/.
    • Sanitization: Web content is converted to markdown for processing, but no semantic sanitization is performed to detect or strip embedded instructions designed to influence agent behavior.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 23, 2026, 12:26 AM