The Agent Skills Directory

[PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by ingesting untrusted data from external web pages. * Ingestion points: Profile data, activity, and posts are captured using the mcp__chrome-devtools__take_snapshot and take_screenshot tools. * Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore potentially malicious instructions embedded within the LinkedIn profile content. * Capability inventory: The skill has the ability to click elements, navigate to new URLs, and hover over elements using MCP tools. * Sanitization: There is no evidence of sanitization or validation of the content extracted from the browser before it is processed by the agent.
[COMMAND_EXECUTION]: The skill utilizes several browser automation MCP tools including mcp__chrome-devtools__list_pages, mcp__chrome-devtools__select_page, mcp__chrome-devtools__take_snapshot, and mcp__chrome-devtools__navigate_page. These are used appropriately to facilitate the profile analysis and metric calculations described in the core workflow.
[SAFE]: No evidence of hardcoded credentials, malicious obfuscation, persistence mechanisms, or unauthorized data exfiltration was found across the analyzed files.

linkedin-personal-branding