frontend-ui-clone
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION, REMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands to check for tool availability (e.g., 'which playwright'), manage directories, and execute cloning logic. It also uses 'npx' to scaffold Next.js projects and install the skill itself.
- [EXTERNAL_DOWNLOADS]: To achieve high-fidelity cloning, the skill fetches content from user-provided URLs. It also suggests installing the 'playwright' library and the Chromium browser, which are well-known developer tools.
- [DATA_EXFILTRATION]: The skill's core function involves fetching the entire DOM and CSS from a remote target and saving it to the local filesystem in the 'test_outputs/' directory. This is the intended behavior for a cloner.
- [REMOTE_CODE_EXECUTION]: The skill provides detailed Python and JavaScript code snippets that the agent is expected to execute to control the headless browser and process the extracted website content.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from the internet. However, it mitigates this by stripping '' tags, removing tracking pixels, and replacing iframes in the final output.
  * Ingestion points: Website content from TARGET_URL (SKILL.md).
  * Boundary markers: None explicitly used to isolate remote content from the agent's instructions.
  * Capability inventory: Access to 'Bash', 'Write', 'Read', 'WebSearch', and 'WebFetch' tools.
  * Sanitization: Explicitly strips all '' tags from the cloned body and removes analytics/tracking scripts.
Audit Metadata