The Agent Skills Directory

[COMMAND_EXECUTION]: The script scripts/lighthouse_audit.py uses subprocess.run to call the Lighthouse CLI. It passes arguments as a list, which is a secure practice that prevents shell injection by avoiding shell interpolation of the target URL.
[EXTERNAL_DOWNLOADS]: The skill documentation identifies a dependency on the lighthouse CLI, which is a trusted, well-known auditing tool provided by Google. This dependency is documented neutrally as a functional requirement for automated audits.
[PROMPT_INJECTION]: The skill processes data from external URLs, creating a surface for indirect prompt injection where instructions hidden in a website's metadata could be ingested. However, this risk is inherent to the skill's primary purpose of auditing external sites and is handled as an operational reality rather than a malicious intent.
[PROMPT_INJECTION]: Evidence Chain: 1. Ingestion points: scripts/lighthouse_audit.py fetches data from arbitrary URLs. 2. Boundary markers: Absent in the resulting JSON output. 3. Capability inventory: The skill uses subprocess.run for execution and has Bash tool permissions. 4. Sanitization: No sanitization is performed on the content extracted from the external URL before being returned to the agent context.

performance-profiling