skills/jezweb/claude-skills/ux-audit/Gen Agent Trust Hub

ux-audit

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE

COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill executes lsof to identify active development ports and sips to resize evidence screenshots to avoid context window bloat. It also utilizes curl for minting session cookies against the application's test-auth endpoints.
  • [EXTERNAL_DOWNLOADS]: The agent downloads the axe-core accessibility library from a well-known and trusted CDN (cdnjs.cloudflare.com) to perform automated structural audits.
  • [REMOTE_CODE_EXECUTION]: The skill performs dynamic JavaScript execution within the browser environment using page.evaluate and mcp__claude-in-chrome__javascript_tool to detect layout issues, run accessibility tests, and collect performance metrics.
  • [DATA_EXFILTRATION]: The skill reads local project configuration files, including .env, wrangler.jsonc, vite.config.ts, and next.config.js, to programmatically discover the target application's URL and local environment settings.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data directly from the web application being audited.
    • Ingestion points: Web page text content via read_page and get_page_text calls, along with visual analysis of application screenshots.
    • Boundary markers: The instructions do not provide explicit delimiters or warnings to ignore instructions embedded within the application's text or console logs.
    • Capability inventory: The agent possesses browser control (form submission, navigation), shell command execution (lsof, sips), and network operation capabilities.
    • Sanitization: No explicit sanitization or validation of the text content extracted from the browser context is documented.

Audit Metadata

Risk Level: SAFE
Analyzed: May 13, 2026, 06:45 PM