security-review
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run standard security tools like npm audit and pip audit. These commands are used to identify known vulnerabilities in the application's dependencies and are appropriate for the tool's stated purpose.
- [EXTERNAL_DOWNLOADS]: The agent interacts with user-provided external URLs and package registries (via audit tools) to perform its security assessment. These network operations are necessary for evaluating the security posture of web applications.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it processes content from external web pages and browser console logs.
- Ingestion points: Target web application content and browser console logs retrieved through browser automation tools.
- Boundary markers: The instructions do not explicitly define delimiters or "ignore" instructions for the data ingested from external pages.
- Capability inventory: The skill uses browser automation (act), file writing (for report generation), and command execution (npm audit, pip audit).
- Sanitization: No specific sanitization or validation of the content retrieved from the target application is specified.
- [CREDENTIALS_UNSAFE]: The skill requests test credentials from the user to perform authenticated testing. It follows security best practices by explicitly advising the user to provide credentials for test accounts rather than production environments.
Audit Metadata