skills/kcchien/skills/agent-browser/Gen Agent Trust Hub

agent-browser

Pass

Audited by Gen Agent Trust Hub on Apr 5, 2026

Risk Level: SAFE
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill heavily utilizes the agent-browser CLI to automate web tasks. It uses shell commands to manage browser sessions, navigate pages, and interact with DOM elements via generated references.
  • [REMOTE_CODE_EXECUTION]: The skill provides an eval command that allows the agent to execute arbitrary JavaScript within the browser context. This includes support for executing scripts provided via standard input or Base64-encoded strings to bypass shell character limitations.
  • [DATA_EXFILTRATION]: The tool is designed to extract information from web pages, including full text, screenshots, and element trees. It also facilitates the saving and loading of session states, which contain sensitive session tokens and cookies. To mitigate risks, it recommends using encryption keys and .gitignore for these state files.
  • [PROMPT_INJECTION]: Since the skill processes untrusted web content, it is vulnerable to indirect prompt injection. However, it includes proactive security features like --content-boundaries, which uses cryptographic nonces and origin tracking to help the agent distinguish between tool instructions and untrusted page content.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 5, 2026, 07:08 AM