testing-browser

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
Tags: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/with_server.py script uses subprocess.Popen with shell=True to execute commands passed via the --cmd argument. This is used to manage development servers but allows for arbitrary command execution.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface. Scripts such as scripts/screenshot.py, scripts/snapshot.py, and scripts/verify.py ingest data from external URLs and output accessibility trees and console logs to the agent's context. There are no boundary markers or sanitization processes to prevent malicious content from the web pages from influencing agent behavior. Capabilities available for exploitation include command execution via the server management script.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 04:31 PM