The Agent Skills Directory

[DYNAMIC_EXECUTION]: The script scripts/run-cdp-task.js utilizes require() to dynamically load and execute JavaScript task files provided via command-line arguments. This is the intended mechanism for running browser automation scripts within the skill's workflow.
[INDIRECT_PROMPT_INJECTION]: The skill interacts with external websites to extract content (Markdown, HTML, semantic trees), creating a surface where untrusted web data could contain instructions for the agent.
Ingestion points: External URLs processed via scripts/run-lightpanda.js and scripts/run-cdp-task.js.
Boundary markers: The skill does not currently implement explicit delimiters or instructions to ignore embedded content within the rendered output.
Capability inventory: The skill can spawn local processes, execute arbitrary JavaScript tasks, and write output files to the local file system.
Sanitization: The skill returns raw or processed web content without applying additional sanitization filters prior to presentation to the agent.
[COMMAND_EXECUTION]: External commands for the lightpanda binary or docker are executed using child_process.spawn. The implementation correctly uses shell: false to mitigate risk from shell-based command injection.

lightpanda-browser