ui-reverse-engineering

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: Static analysis identified potential prompt overrides in 'css-first-generation.md'. However, these are defensive instructions designed to protect the agent. The skill explicitly warns the AI to ignore any directive-like text found in scraped content (e.g., 'ignore previous instructions') and treat it strictly as display data.
  • [INDIRECT_PROMPT_INJECTION]: The skill operates on untrusted data from external URLs, which is a significant attack surface. It mitigates this risk through mandatory sanitization checks, the use of boundary markers (BEGIN/END EXTRACTED DATA) in generation prompts, and clear instructions to avoid executing any downloaded code.
  • [EXTERNAL_DOWNLOADS]: The skill downloads CSS, JavaScript bundles, images, and fonts from target websites. It implements safe download practices, including HTTPS enforcement, file size limits (10MB), and timeouts. It strictly prohibits the execution of downloaded JavaScript, limiting analysis to static 'grep' operations.
  • [COMMAND_EXECUTION]: The skill utilizes the 'agent-browser' tool and 'bash' scripts for its core pipeline. These operations are necessary for the skill's purpose and are conducted with explicit warnings against credential forwarding or executing untrusted code.
Audit Metadata
Risk Level: SAFE
Analyzed: May 8, 2026, 04:51 AM