printing-press

Warn

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: MEDIUM
Flags: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the printing-press binary from the author's GitHub repository (github.com/mvanhorn/cli-printing-press/v4) using go install. It also facilitates the installation of third-party tools such as browser-use (via pip or uv) and agent-browser (via npm or brew) to support its browser-based API discovery functionality.
  • [REMOTE_CODE_EXECUTION]: The 'Codex Mode' allows the skill to delegate code-writing and bug-fixing tasks to the codex CLI. This involves generating source code based on descriptions and logic extracted from untrusted web sources (e.g., API specifications, community tool documentation), which could lead to the generation of malicious code if those external sources are poisoned.
  • [COMMAND_EXECUTION]: The skill makes extensive use of the Bash tool to perform technical tasks, including building Go binaries, running network reachability probes with curl, and executing browser automation scripts. It also uses swift -e for accessing macOS-specific frameworks.
  • [DATA_EXFILTRATION]: The browser-sniff feature records network traffic to discover hidden API endpoints, a process that inherently handles sensitive data such as session cookies and authentication headers. Although the skill includes dedicated logic in references/secret-protection.md to redact these secrets before archiving, the initial capture of this data is a potential risk factor.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from WebSearch, WebFetch, and live browser captures to create an 'absorb manifest'. This manifest is then used to guide the Agent tool and codex CLI in generating the CLI's features, making the generation process susceptible to indirect prompt injection from malicious content hosted on the web.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 9, 2026, 06:04 PM