dev-browser

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands for environment setup and process management.
      • server.sh runs npm install to manage Node.js dependencies.
      • scripts/start-server.ts uses execSync to run playwright install chromium for browser setup.
      • scripts/start-server.ts executes kill -9 to terminate stale browser processes on port 9223.
  • [EXTERNAL_DOWNLOADS]: The skill performs downloads of external software components.
      • Initialization scripts download NPM packages and Chromium binaries.
      • SKILL.md links to a third-party GitHub repository for a Chrome extension necessary for certain modes.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection when processing external web content.
      • Ingestion points: Data enters the agent context through page navigation in src/client.ts and DOM/ARIA snapshots in src/snapshot/browser-script.ts.
      • Boundary markers: No explicit delimiters are used to isolate web content from agent instructions.
      • Capability inventory: The skill provides full browser control via Playwright, file writes to the tmp/ directory, and authenticated network requests via the browser's fetch API.
      • Sanitization: Content extracted from the web is not sanitized before being presented to the model.
  • [REMOTE_CODE_EXECUTION]: The skill utilizes dynamic script execution for page inspection.
      • src/client.ts uses page.evaluate and eval() to inject a locally defined tool for generating ARIA snapshots.
      • Scraping documentation in references/scraping.md recommends using page.evaluate to replay API requests using the browser's fetch API to inherit session cookies.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 2, 2026, 03:29 AM