agent-browser
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill orchestrates browser automation through the infsh CLI, which is the official tool for the skill's vendor, inference.sh.
- [REMOTE_CODE_EXECUTION]: Provides an execute function that allows the agent to run arbitrary JavaScript code within the browser context. This is a standard and necessary feature for advanced web automation.
- [EXTERNAL_DOWNLOADS]: Skill documentation references the installation of additional tools and skills from the inference-sh organization via npx and fetches assets from cloud.inference.sh, both of which are trusted vendor resources.
- [SAFE]: Includes templates and documentation for handling authentication via environment variables (APP_USERNAME, APP_PASSWORD), following security best practices to avoid hardcoding secrets.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection. Ingestion points: arbitrary web content from navigated URLs. Boundary markers: not explicitly defined. Capability inventory: JavaScript execution, file uploads, and session persistence. Sanitization: none implemented at the skill level; requires agent-side validation. This is a characteristic risk of browser-based tools and does not represent a specific malicious implementation.
Audit Metadata