editorial-card-screenshot

Warn

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes a shell script (scripts/capture_card.sh) to execute external browser binaries such as Google Chrome or Chromium to perform the card rendering task. It also uses the CHROME_BIN environment variable, which could allow a malicious actor with environmental control to redirect execution to an arbitrary binary.
  • [EXTERNAL_DOWNLOADS]: The HTML templates in assets/card-template.html and references/editorial-card-prompt.md include references to Google Fonts (fonts.googleapis.com), which are fetched over the network during the rendering process. This is a standard and neutral practice for web design.
  • [DATA_EXFILTRATION]: The rendering script uses the file:// protocol to load the generated HTML into the browser. This capability poses a data exposure risk: if an attacker can influence the file path provided to the browser, they could potentially direct it to render and screenshot sensitive local files (e.g., configuration files, keys, or credentials) residing on the agent's filesystem.
  • [REMOTE_CODE_EXECUTION]: The skill constructs HTML content from user-provided information and then renders it in a browser. This creates an XSS (Cross-Site Scripting) surface where malicious scripts embedded in the source text could be executed within the headless browser context during the screenshot capture process.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 29, 2026, 03:03 AM