The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill requires the installation of the aat-devqa Python package and the Playwright chromium browser engine from external registries.
[COMMAND_EXECUTION]: The skill executes shell commands to set up the environment, run the aat CLI tool, and install a git post-commit hook for automated scanning, which modifies the local development environment and provides a persistence mechanism.
[DATA_EXFILTRATION]: Automated testing involves scanning web applications to capture the DOM, interactive elements, and screenshots. This captured UI data is transmitted to external AI provider endpoints (such as Claude, OpenAI, or Gemini) as configured by the user.
[PROMPT_INJECTION]: The skill contains strict internal directives to control agent behavior and sub-command usage. It also presents a surface for indirect prompt injection by processing content from external URLs during element scanning. Ingestion point: aat scan reads external page data. Boundary markers: None identified. Capability inventory: The tool performs browser automation and code modifications. Sanitization: No explicit sanitization of external content is mentioned.

awt