The Agent Skills Directory

[SAFE]: The skill defines a clear ingestion surface for untrusted data including DOM content, console logs, and network responses from the browser (SKILL.md). It implements robust boundary markers and sanitization rules, instructing the agent to treat all browser content as data and never as instructions. Capabilities like JavaScript execution are limited to read-only state inspection and require user confirmation for mutations.
[EXTERNAL_DOWNLOADS]: The skill references '@anthropic/chrome-devtools-mcp', which is an official package from a trusted organization. The suggested installation via npx is a standard and safe deployment method for this tool.
[PROMPT_INJECTION]: Static analysis identified instruction-override patterns like 'Ignore previous instructions'. However, these are used defensively within the 'Security Boundaries' section to instruct the agent to disregard malicious directives found within untrusted browser content.
[COMMAND_EXECUTION]: The skill provides instructions for executing JavaScript within the browser context for debugging. It sets explicit constraints to prevent data exfiltration, unauthorized credential access, and external network requests, maintaining a safe operating environment.

browser-testing-with-devtools