The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill invokes npx update-kit to perform session-based update checks. This command downloads and executes code from the public npm registry at runtime. As the package is not scoped to the vendor or a trusted organization, it introduces a supply chain risk through potential package squatting or unverified remote code execution.
[COMMAND_EXECUTION]: The skill uses osascript to execute arbitrary JavaScript within the user's active browser tabs on macOS. This provides the agent with full read/write access to the DOM of pages the user is actively viewing, including the ability to extract text, click elements, and manipulate form data.
[COMMAND_EXECUTION]: Background operations utilize curl to interact with a local CDP proxy (localhost:3456) and execute local scripts such as cdp-helper.py and check-deps.sh. These tools allow the agent to manage tabs, navigate to URLs, and simulate user input outside of the foreground browser window.
[PROMPT_INJECTION]: As a browser-based agent skill, it possesses a significant attack surface for indirect prompt injection. Malicious instructions hidden within the HTML of third-party websites visited by the agent could potentially override its behavior or lead to unintended actions during the browsing session.

browse