The Agent Skills Directory

[COMMAND_EXECUTION]: The skill utilizes shell commands to interact with the local environment and the Google Chrome application. It executes osascript to run bundled AppleScript files for tab management and curl to communicate with the local Chrome DevTools Protocol (CDP) endpoint.
[DATA_EXFILTRATION]: The skill performs data exposure by enumerating and collecting the titles and URLs of all active browser tabs. This sensitive browsing history is brought into the agent's context for classification and reporting. While the data is processed locally at 127.0.0.1:9222, the exposure to the LLM context is a privacy consideration.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted content from website titles and URLs.
Ingestion points: Tab metadata retrieved via curl from the CDP JSON list and output from the list-chrome-tabs.applescript script.
Boundary markers: None. There are no instructions or delimiters defined to prevent the agent from following instructions potentially embedded in website titles.
Capability inventory: The skill provides the agent with capabilities to execute local scripts (osascript), perform network requests (curl), and close browser targets via WebSocket commands.
Sanitization: No validation or sanitization is performed on the ingested titles or URLs before they are processed by the agent's heuristics.

chrome-tab-killer