extract-page-data

Fail

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: HIGH (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/lib/browser.mjs uses execSync to execute shell commands for installing the playwright package and the Chromium browser environment.
  • [EXTERNAL_DOWNLOADS]: The skill automatically downloads and installs the Playwright framework and Chromium browser from official registries and well-known mirrors during its initial execution.
  • [DATA_EXFILTRATION]: The Playwright browser is launched with the --disable-web-security and --allow-file-access-from-files flags. These settings disable the Same-Origin Policy (SOP) and permit the browser to access the local file system. If the agent is directed to a malicious website, that site could potentially read local files from the host machine or exfiltrate data from other domains the user is authenticated with.
  • [PROMPT_INJECTION]: The skill extracts content (Markdown, interactive elements, and design tokens) from external URLs, creating a surface for indirect prompt injection attacks.
      • Ingestion points: External webpage content is ingested via Playwright navigation in scripts/extract.mjs.
      • Boundary markers: Absent. Extracted data is not wrapped in protective delimiters or accompanied by warnings to ignore embedded instructions.
      • Capability inventory: The skill possesses capabilities for command execution, file system writes, and network navigation.
      • Sanitization: There is no evidence of content sanitization or filtering of the extracted DOM content before it is processed by the agent.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 14, 2026, 12:59 AM