The Agent Skills Directory

[DATA_EXFILTRATION]: The script scripts/detect.mjs uses the Node.js fetch API to perform HTTP GET requests to arbitrary URLs provided as command-line arguments. This involves network operations to non-whitelisted external domains, which is the primary mechanism for the skill's antibot detection.
[PROMPT_INJECTION]: The skill represents an indirect prompt injection surface because it retrieves and processes HTML and script content from untrusted external websites.
Ingestion points: Data is ingested through fetch calls targeting user-provided URLs in scripts/detect.mjs.
Boundary markers: The SKILL.md file explicitly warns the AI agent to treat the response body as untrusted input and not to follow instructions found within it.
Capability inventory: The skill uses fetch for data retrieval and prints formatted results to stdout. It does not possess capabilities to write to the filesystem or execute code based on the ingested content.
Sanitization: The logic is restricted to regular expression matching for specific bot mitigation tokens (cookies, headers, script patterns), which prevents the direct execution of the ingested content.

what-antibot