agent-browser

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on the agent-browser CLI to perform browser interactions. This execution is restricted to the tools specified in the allowed-tools YAML frontmatter.
  • [EXTERNAL_DOWNLOADS]: The skill's setup process involves installing the agent-browser package and downloading an official "Chrome for Testing" binary using the agent-browser install command.
  • [REMOTE_CODE_EXECUTION]: The CLI includes an eval command that allows for the execution of arbitrary JavaScript within the browser context. This is a core functionality for interacting with modern web applications and is documented for legitimate automation purposes.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) as it processes untrusted data from external websites. Ingestion points include snapshots and page text extraction. Capabilities include JavaScript execution, file writing, and network monitoring. No explicit boundary markers or content sanitization are provided within the skill's instructions.
  • [CREDENTIALS_UNSAFE]: Authentication documentation and templates explicitly advise against hardcoding secrets, recommending secure alternatives like environment variables and the built-in authentication vault for handling sensitive data.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 02:41 AM