The Agent Skills Directory

[COMMAND_EXECUTION]: The skill implements a browser-based execution environment. Specifically, the evaluate action allows the agent to run arbitrary JavaScript code within the active browser tab via the Runtime.evaluate CDP method. This is an intended feature for browser automation but allows for complex client-side interactions.
[PROMPT_INJECTION]: The skill facilitates the ingestion of untrusted data from external websites, creating a surface for indirect prompt injection.
Ingestion points: The content and html actions in browser.ps1 extract text and HTML source code directly from active browser pages into the agent's context.
Boundary markers: The skill does not implement delimiters or 'ignore instructions' markers when returning web content to the agent.
Capability inventory: The skill possesses significant capabilities including browser navigation (navigate), arbitrary JavaScript execution (evaluate), and form interaction (fill, type).
Sanitization: Extracted data is truncated by length (10,000 characters for text; 50,000 for HTML) but is not filtered or sanitized for malicious prompts or instructions embedded in the web content.

powerskills-browser