The Agent Skills Directory

[COMMAND_EXECUTION]: The skill utilizes the Bash tool with a restricted command pattern (test:browser-*) to execute browser-based testing tasks, adhering to the principle of least privilege.\n- [PROMPT_INJECTION]: The skill exhibits a potential surface for indirect prompt injection through its ingestion of external data. 1. Ingestion points: Data enters the agent's context when it reads configuration files from {baseDir}/config/ and captures outputs from the Bash command execution. 2. Boundary markers: The instructions do not define delimiters or provide specific instructions for the agent to ignore potentially malicious commands embedded in these external sources. 3. Capability inventory: The agent is equipped with capabilities that could be exploited if malicious instructions are processed, specifically the Bash tool for command execution and the Write/Edit tools for file modification. 4. Sanitization: There are no mentioned procedures for sanitizing, validating, or escaping data read from the local file system or received as tool output before it is used to influence further actions.

testing-browser-compatibility