The Agent Skills Directory

[Indirect Prompt Injection] (LOW): The skill processes job description content (likely generated by an LLM) and inputs it directly into a browser session targeting x.com.
Ingestion points: The content is read from post_content.txt in scripts/publish_x.py.
Boundary markers: No boundary markers or 'ignore' instructions are used when handling the generated text.
Capability inventory: The script uses Playwright for navigation, text entry, file uploading, and automated button clicking (post_btn.click()).
Sanitization: There is no validation or sanitization of the input text before it is filled into the web form.
[External Downloads] (LOW): The skill requires the installation of playwright and browser binaries from Microsoft.
Evidence: pip install playwright and playwright install chromium instructions in SKILL.md.
Trust Status: Downgraded to LOW as Microsoft is a trusted organization per [TRUST-SCOPE-RULE].
[Command Execution] (SAFE): The skill executes local Python and Node.js scripts to perform its tasks.
Evidence: Execution of node scripts/generate_images.js and python3 scripts/publish_x.py.
Context: These are standard operations for the skill's stated purpose and do not involve shell injection or elevated privileges.

x-recruiter