playwright-skill

Warn

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [DYNAMIC_EXECUTION]: The run.js script implements a universal executor that takes JavaScript code as input from command-line arguments, files, or standard input, writes it to a temporary file, and executes it using the Node.js require() function. This enables runtime execution of dynamically generated scripts.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: The lib/helpers.js file contains the detectDevServers function, which performs internal reconnaissance by scanning a predefined list of common ports on localhost to identify active services.
  • [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: The skill's setup script and execution logic can trigger the download and installation of external Node.js packages and browser binaries from public registries and CDNs.
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and process content from external websites, which may contain malicious instructions that could influence the agent's behavior. It lacks explicit boundary markers or sanitization logic for retrieved content.
      • Ingestion points: lib/helpers.js (extractTexts, extractTableData) and Playwright locators described in SKILL.md.
      • Boundary markers: Absent from the instructions for processing web data.
      • Capability inventory: Arbitrary command execution via run.js, file system access, and network operations.
      • Sanitization: No sanitization of page content is implemented before processing by the agent.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 4, 2026, 04:17 AM