The Agent Skills Directory

[Indirect Prompt Injection] (LOW): The skill interacts with untrusted external websites which serves as a potential vector for malicious instructions. Ingestion points: External web content accessed via navigate_page and take_snapshot. Boundary markers: The documentation does not specify markers to isolate untrusted data from the agent's instructions. Capability inventory: Includes evaluate_script (JavaScript execution) and list_network_requests (network traffic analysis). Sanitization: No evidence of content sanitization is provided.
[No Code] (SAFE): The skill consists of instructional content and tool definitions without accompanying executable code.

chrome-devtools