The Agent Skills Directory

COMMAND_EXECUTION (MEDIUM): The skill is designed to enable the code_execution_20250825 tool, which allows the agent to write and run Python code for tool orchestration. This dynamic execution capability is a high-privilege feature that could be exploited if the generated code logic is influenced by malicious input.
EXTERNAL_DOWNLOADS (LOW): The setup instructions direct the user to install the ptc_wrapper package from a local path using uv pip install -e .. This assumes the user has already obtained the source code from an external source.
PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection as it performs multi-URL scraping and browser automation. Malicious instructions embedded in target web pages could influence the code generated by the agent for orchestration.
Ingestion points: Content from scraped URLs and browser action snapshots.
Boundary markers: None present in the skill definition to separate untrusted web content from the orchestration instructions.
Capability inventory: code_execution, flaresolverr (MCP), and browsermcp (MCP) which provide browser and network access.
Sanitization: No evidence of sanitization or filtering of external data before it is processed by the orchestration logic.

ptc-orchestration