midscene-runner

Warn

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: MEDIUM
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute setup and health check scripts, including 'npm install', 'node scripts/health-check.js', and 'npm run setup'. These commands are necessary for initializing the environment.
  • [EXTERNAL_DOWNLOADS]: The skill downloads external software packages and binaries, such as '@midscene/web', 'dotenv', and Chromium via 'npx puppeteer browsers install chrome'. These are standard components for the Midscene framework.
  • [REMOTE_CODE_EXECUTION]: In its 'Extended' mode, the skill transpiles YAML automation files into TypeScript and executes the resulting code using the 'tsx' runtime. This involves dynamic code generation and execution based on input data.
  • [COMMAND_EXECUTION]: The skill executes the local script 'scripts/midscene-run.js' to perform the actual automation tasks. This script is assumed to be part of the skill's local repository.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it executes YAML files that can contain 'javascript' steps. If these YAML files are provided by an attacker or generated from untrusted data, they can execute malicious logic. Evidence chain: (1) Ingestion points: YAML files provided as arguments. (2) Boundary markers: none identified. (3) Capability inventory: Bash execution, file manipulation, and JavaScript execution in both browser and Node.js contexts. (4) Sanitization: the skill performs YAML syntax validation but does not sanitize the logic within 'javascript' steps.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 4, 2026, 09:31 PM