The Agent Skills Directory

[COMMAND_EXECUTION]: The skill operates through the agent-browser CLI, which executes complex browser interactions. This includes the ability to perform clicks, fill inputs, and manage browser states.
[EXTERNAL_DOWNLOADS]: The skill instructions recommend installing the agent-browser package from standard package registries like NPM, Homebrew, or Cargo. It also includes an install command designed to download necessary browser binaries (Chromium).
[DATA_EXFILTRATION]: The tool can access sensitive browser data, including cookies, local storage, and the system clipboard. It also supports saving session states to local files. The documentation explicitly warns users about the presence of plaintext tokens in these files and suggests using encryption keys for security at rest.
[PROMPT_INJECTION]: The skill is exposed to indirect prompt injection because it processes content from untrusted external websites. To address this, the tool offers an opt-in --content-boundaries feature that wraps web content in identifiable markers, helping the agent distinguish between tool results and potential malicious instructions embedded in the page.
[REMOTE_CODE_EXECUTION]: The skill allows the execution of arbitrary JavaScript code within the browser context via the eval command. This feature supports receiving script content through standard input or as base64-encoded strings, which is a powerful capability that requires careful use by the agent.

agent-browser-agent-browser