paw-cra-agent-strategist

Warn

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: MEDIUM
CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The Python script scripts/chrome-profile-discovery.py is designed to locate browser profiles and verify the existence of sensitive authentication files such as Cookies and Login Data. The documentation in references/browser-tools.md also gives instructions for saving session tokens in unencrypted plaintext JSON files within the project environment.
  • [COMMAND_EXECUTION]: Test scripts located in the scripts/tests/ directory use subprocess.run() to execute Python commands and scripts using local file paths.
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions for installing the third-party utility agent-browser via package managers like npm or brew and initializing the browser research environment.
  • [PROMPT_INJECTION]: The skill includes an autonomous execution mode (--headless) as described in SKILL.md and references/autonomous-wake.md, which allows the agent to perform data collection and profile discovery without user interaction.
  • [DATA_EXFILTRATION]: The skill is designed to process content from authenticated web sessions and public searches, creating a surface for the exposure of private data and indirect prompt injection.
      • Ingestion points: Data is retrieved from external websites and social media platforms through browser automation (see references/content-research.md).
      • Boundary markers: No specific delimiters or 'ignore embedded instructions' warnings are implemented for the ingested web content.
      • Capability inventory: The agent has access to file system writes and local command execution through provided scripts.
      • Sanitization: The scripts/research-synthesizer.py script performs basic truncation of input content but does not sanitize for malicious instructions or hidden characters.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 1, 2026, 02:03 PM