The Agent Skills Directory

[COMMAND_EXECUTION]: The skill utilizes the browser_evaluate Playwright MCP tool to run custom JavaScript within the target browser's environment to perform layout analysis and accessibility checks as described in SKILL.md.
[PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it is designed to analyze untrusted data from external websites. Ingestion points: Target website structure, text, and console messages retrieved through browser_snapshot, browser_evaluate, and browser_console_messages in SKILL.md. Boundary markers: The skill does not define specific delimiters or instructions to help the agent distinguish between its own logic and potentially malicious instructions embedded in the target website's HTML or content. Capability inventory: The skill leverages browser navigation and JavaScript execution tools; however, no evidence of local file system access, persistence, or data exfiltration was found. Sanitization: The audit findings are structured into markdown reports, but there is no explicit instruction for the agent to sanitize or filter data from the audited pages before reporting.
[SAFE]: All external libraries mentioned, such as @axe-core/playwright and @playwright/test, are well-known, trusted industry standards for quality assurance and accessibility testing.

frontend-ux-qa-pro