browserless
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation includes instructions to install the `browserless` and `puppeteer` packages from NPM, as well as specific scoped packages such as `@browserless/cli`, `@browserless/lighthouse`, `@browserless/screencast`, and `@browserless/function`. These represent the primary functionality of the skill and are sourced from the author's ecosystem.
- [COMMAND_EXECUTION]: The documentation provides multiple CLI commands and API methods for executing browser automation tasks. This includes the `browserless.evaluate` function, which allows for custom JavaScript execution within the context of a headless browser page for data extraction or interaction.
- [DATA_EXFILTRATION]: The skill is designed to extract content such as HTML, text, and screenshots from arbitrary external URLs. While this is the intended purpose, it involves retrieving and processing data from remote sources that could potentially contain sensitive or malicious payloads.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it ingests and extracts content from untrusted external web pages.
  - Ingestion points: Untrusted data enters the context through `browserless.html()`, `browserless.text()`, `browserless.screenshot()`, and `browserless.pdf()` in `SKILL.md`.
  - Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore or isolate instructions found within the scraped content.
  - Capability inventory: The skill provides capabilities for package installation (`npm install`), writing files to disk (`writeFile`), and executing code in the browser context (`browserless.evaluate`).
  - Sanitization: No sanitization, filtering, or validation of the fetched external content is described or implemented in the provided documentation.
Audit Metadata