amazon
Warn
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: MEDIUM
DATA_EXFILTRATION, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [DATA_EXFILTRATION]: The script uses the 'browser-cookie3' library to programmatically access and extract sensitive authentication cookies from local browser databases (including Chrome, Firefox, Brave, and Edge). These cookies are stored locally in '.cookies_cache.json' to maintain session persistence. While intended to facilitate Amazon access, this represents significant exposure of sensitive user credentials.
- [PROMPT_INJECTION]: The skill ingests untrusted data from Amazon.com.br, specifically product titles, descriptions, and user reviews, which serves as a surface for Indirect Prompt Injection. An attacker could embed instructions in a product review to influence the agent's subsequent actions.
  - Ingestion points: 'scripts/amazon.py' via 'parse_product_details' and 'parse_reviews' functions.
  - Boundary markers: None; external content is directly integrated into the script's output.
  - Capability inventory: The skill utilizes 'Bash(python:*)' and has write access to the local filesystem.
  - Sanitization: Content is normalized for whitespace but not sanitized for executable instructions or prompt overrides.
- [COMMAND_EXECUTION]: The skill setup involves installing multiple third-party dependencies and executing a browser binary installation command ('python -m camoufox fetch').
Audit Metadata