The Agent Skills Directory

[PROMPT_INJECTION]: The skill presents an indirect prompt injection surface. It uses browser automation to scrape text content from competitor ad libraries (Meta, Google, LinkedIn, TikTok) and landing pages. This untrusted external data is ingested directly into the agent context without sanitization or explicit boundary markers, which could allow malicious instructions embedded in ad descriptions to influence subsequent agent actions.
[COMMAND_EXECUTION]: The skill executes multiple shell scripts and CLI tools for environment setup. It runs locally provided scripts such as './skills/paw-mkt-setup/assets/scripts/tool-discovery.sh' and 'chrome-profiles.sh' to audit the environment and extract browser profile paths. It also utilizes 'npm' and 'npx' for package installation and execution.
[EXTERNAL_DOWNLOADS]: The skill performs remote tool installation. It instructs the agent to install 'agent-browser' and its 'playwright' dependencies from external sources. Note: The primary source (Vercel Labs) is a trusted organization.
[CREDENTIALS_UNSAFE]: The skill manages sensitive authentication data. It directs the agent to locate and use existing browser profiles in the user's home directory (e.g., '~/.linkedin-profile') to maintain authenticated states. Additionally, it provides instructions to save persistent session tokens to local JSON files within the project workspace (e.g., 'my-auth.json'), which may lead to accidental credential exposure.

paw-mkt-paid-ads