The Agent Skills Directory

[PROMPT_INJECTION]: The skill includes a 'CRITICAL: Prompt Injection Warning' section that explicitly instructs the agent to treat content from web pages as untrusted. It defines the use of [PAGE_CONTENT: ...] delimiters and provides clear negative constraints to prevent the agent from executing instructions found within processed web data.
[COMMAND_EXECUTION]: The skill relies on executing a local Node.js script located at /Users/avifen/.agentsys/plugins/web-ctl/scripts/web-ctl.js. This script is part of the toolset provided by the vendor ('avifenesh') and is used for session management and browser control.
[EXTERNAL_DOWNLOADS]: The documentation mentions installing dependencies such as Playwright and standard VNC utilities (Xvfb, x11vnc, websockify, novnc). Playwright is a well-known browser automation library from a trusted source, and the other utilities are standard Linux packages.
[DATA_EXFILTRATION]: While the skill manages sensitive authentication sessions, it describes the use of encrypted storage and provides commands for session revocation (session revoke). It does not show evidence of sending credentials to unauthorized third-party domains.

web-auth