search-and-fetch
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Flags: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes several local CLI tools including ctx7, browser-use, and defuddle. The defuddle tool is used with the -o flag to write extracted content directly to the local file system.
- [DATA_EXFILTRATION]: The skill's primary function is to fetch data from external URLs and return it to the agent context. While it includes a filter to prevent access to localhost and internal network paths, any public external content is ingested and potentially exposed.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. Untrusted content is ingested from external web pages via WebFetch, defuddle, or browser-use and subsequently processed using an analysis template. There are no boundary markers or specific instructions to ignore embedded commands in the fetched data. This surface is risky because the agent possesses powerful capabilities such as browser automation and file writing.
- [EXTERNAL_DOWNLOADS]: The documentation provides instructions to install an external third-party package, defuddle-cli, via the npm registry.
Audit Metadata