The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill instructs the installation of the agent-browser CLI tool via npm (npm i -g agent-browser). This dependency is necessary for the skill's functionality and originates from a well-known technology provider.
[COMMAND_EXECUTION]: The skill utilizes shell commands to interface with the agent-browser CLI, performing operations such as opening URLs, taking accessibility snapshots, and interacting with page elements.
[REMOTE_CODE_EXECUTION]: The skill includes an eval command that allows the execution of arbitrary JavaScript within the browser's environment. This is a standard capability for browser automation to handle complex web interactions.
[DATA_EXFILTRATION]: The skill provides tools to access sensitive browser data including cookies, local storage, and custom authentication headers. It also supports uploading local files to web forms using the upload command. These capabilities are consistent with the skill's primary purpose of browser automation.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it retrieves and processes untrusted content from external websites. * Ingestion points: Content retrieved from websites via the open, snapshot, and get commands. * Boundary markers: No specific delimiters or safety instructions are defined to separate web content from the agent's core instructions. * Capability inventory: Includes the ability to execute JavaScript, upload files, and interact with web forms. * Sanitization: No sanitization or validation of data extracted from web pages is specified before it is used by the agent.

browser