The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes local shell scripts and batch files to perform system introspection and locate browser profiles. Evidence: references/shared-patterns.md references ./skills/paw-mkt-setup/assets/scripts/tool-discovery.sh and chrome-profiles.sh for environment setup.
[DATA_EXFILTRATION]: The skill contains protocols for discovering local browser profiles and harvesting authentication states, session tokens, and persistent cookies. Evidence: references/shared-patterns.md details how to use agent-browser --auto-connect state save ./my-auth.json and utilize authenticated sessions for research on platforms like LinkedIn and Twitter.
[REMOTE_CODE_EXECUTION]: The skill provides instructions to download and install external browser automation software and drivers. Evidence: references/shared-patterns.md fetches the agent-browser tool from the official Vercel Labs GitHub repository using npx skills add and npm install.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from live websites and local strategy files without sanitization.
Ingestion points: Live website URL audits (references/shared-patterns.md) and SOSTAC phase files (references/auto-extract.md).
Boundary markers: Absent; instructions do not specify delimiters or warnings to ignore embedded instructions in external data.
Capability inventory: File system write operations, shell script execution, and browser automation.
Sanitization: Absent; the skill does not implement validation or escaping for data extracted from external websites or existing strategy documents before integrating it into new positioning documents.
[EXTERNAL_DOWNLOADS]: The skill downloads browser automation tools and Playwright browser binaries from external repositories to support research tasks.

paw-mkt-product-context