marketing-sales

Warn

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install an unverified Node.js package globally using the command 'npm install -g agent-browser' if the tool is not already available. It also directs the installation of browser dependencies via 'npx playwright install chromium'.
  • [COMMAND_EXECUTION]: The agent is tasked with executing shell commands for package installation and utilizing the 'agent-browser' command-line interface for web automation tasks, including navigation, taking screenshots, and extracting text content from remote websites.
  • [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection because it fetches body text from various external sources (such as competitor pricing pages, reviews on G2 or Capterra, and the LinkedIn Ad Library) and uses this data to generate sales collateral.
      • Ingestion points: Multiple research tasks in SKILL.md that use 'agent-browser get text body' to retrieve content from external domains.
      • Boundary markers: The skill does not specify any delimiters or instructions to ignore embedded commands within the fetched content.
      • Capability inventory: The skill has access to command execution (npm and agent-browser), network access, and the ability to save files (screenshots) to the local brand directory.
      • Sanitization: There is no evidence of validation or filtering applied to the retrieved web content before it is processed by the agent.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 13, 2026, 04:02 AM