The Agent Skills Directory

[COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands for environment setup, specifically npm install crawlee playwright and npx playwright install chromium to enable browser-based crawling.
[EXTERNAL_DOWNLOADS]: The skill triggers the download of the crawlee and playwright packages from the official npm registry, along with browser binaries required for Playwright operations.
[PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by design, as it ingests data from arbitrary external websites.
Ingestion points: The requestHandler implementation in SKILL.md extracts text, attributes, and metadata from target URLs.
Boundary markers: The skill documentation lacks specific instructions or markers to differentiate scraped content from agent instructions, increasing the risk of the agent following instructions embedded in website content.
Capability inventory: The skill utilizes pushData and Dataset.exportToCSV for local file writing and enqueueLinks for further network requests based on scraped data.
Sanitization: There is no evidence of sanitization, filtering, or validation of the ingested external content before it is stored or processed.

crawlee