webapp-testing

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates the execution of a Python script (scripts/playwright_runner.py) which launches a Chromium browser instance to perform automated testing tasks.
  • [EXTERNAL_DOWNLOADS]: The skill requires downloading external dependencies and browser binaries using pip install playwright and playwright install chromium. These are legitimate requirements for the tool's stated purpose of web testing.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests untrusted data from external websites.
    • Ingestion points: scripts/playwright_runner.py (lines 59-71) retrieves page titles and header text from arbitrary URLs.
    • Boundary markers: Data is encapsulated in a JSON response object, but no specific boundary markers or warnings are included to prevent the agent from following instructions contained within the fetched content.
    • Capability inventory: The skill is granted Bash, Read, Write, and Edit tool permissions, which could be leveraged if the agent incorrectly follows instructions embedded in a target website's metadata.
    • Sanitization: The script does not sanitize or filter the content retrieved from the web pages before returning it to the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 01:27 PM