web-performance-optimization

Warn

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: MEDIUM
REMOTE_CODE_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill instructs the user to set up a required tool using the command 'npx -y chrome-devtools-mcp@latest'. This pattern downloads and executes the latest version of code from the NPM registry at runtime. Using unversioned dependencies (@latest) from sources that are not pre-vetted trusted vendors introduces a risk of supply chain attacks.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted data from external websites.
      • Ingestion points: Web content is retrieved and analyzed via tools such as 'navigate_page' and 'performance_analyze_insight'.
      • Boundary markers: The skill lacks explicit instructions or delimiters to help the agent distinguish between intended instructions and potentially malicious content found within the audited websites.
      • Capability inventory: The agent has capabilities to navigate to arbitrary URLs and list network requests, which could be abused if a malicious site successfully injects instructions.
      • Sanitization: There is no mention of sanitizing or validating the data retrieved from external web pages before the agent processes it.
  • [EXTERNAL_DOWNLOADS]: The skill references and retrieves documentation from well-known technical resources such as 'web.dev' and 'developer.chrome.com' for performance metric thresholds and API documentation.
  • [COMMAND_EXECUTION]: The skill provides the specific shell command required to configure the local MCP environment necessary for the performance audit tasks.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 10, 2026, 07:17 PM