The Agent Skills Directory

[CREDENTIALS_UNSAFE]: The script scripts/search.py attempts to locate and load the user's primary browser profile directory (specifically the User Data folders for Google Chrome and Microsoft Edge in %LOCALAPPDATA%). These directories are sensitive credential stores containing active session cookies, history, and stored tokens.
[EXTERNAL_DOWNLOADS]: The skill requires the installation of the Playwright framework and its associated Chromium binaries. These resources are provided by Microsoft's official services.
[PROMPT_INJECTION]: The skill ingests untrusted data from Xiaohongshu search results, creating an indirect prompt injection surface.
Ingestion points: Note titles and image URLs extracted from https://www.xiaohongshu.com in scripts/search.py.
Boundary markers: None. Extracted strings are printed to the terminal and saved to files without protective delimiters or instruction-ignore markers.
Capability inventory: The skill can perform local file system writes and output data to the terminal.
Sanitization: None. Extracted content is used as-is from the web page with no filtering for malicious instructions.
[COMMAND_EXECUTION]: The script executes shell commands to initialize Playwright and utilizes the ctypes library to trigger native Windows system message boxes.

xiaohongshu-search