qa-test-planner
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill leverages Playwright MCP tools to perform browser-based tasks such as navigation, form interaction, and UI validation as defined in references/playwright_automation.md.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection given its primary function of processing external data and navigating web pages.
  1. Ingestion points: Untrusted feature requirements, user stories, and third-party web content accessed via Playwright MCP in SKILL.md and references/playwright_automation.md.
  2. Boundary markers: The skill uses placeholders like [brackets] in templates but lacks explicit prompt delimiters or instructions to ignore embedded commands in the processed data.
  3. Capability inventory: The agent can execute browser commands via MCP and write files to the local system (test specs and documentation).
  4. Sanitization: The instructions in SKILL.md explicitly mandate input validation and escaping before data is used in generated code execution.
- [DATA_EXFILTRATION]: Documentation regarding credential handling in SKILL.md and assets/templates/playwright-test.md reinforces security best practices by strictly forbidding hardcoded secrets and advocating for environment variables.
Audit Metadata