The Agent Skills Directory

[SAFE]: No security issues detected. The skill acts as a reference for web testing strategies.
[DATA_EXFILTRATION]: Uses environment variables like $API_URL and $APP_URL for target identification. This is a standard and safe configuration practice for testing tools and does not constitute unauthorized data access.
[COMMAND_EXECUTION]: Includes basic shell commands such as mkdir, curl, and tee for the purpose of creating a directory structure and capturing API responses or headers as validation evidence. These operations are well-scoped to the stated purpose of web testing.
[PROMPT_INJECTION]: While the skill contains common security exploit payloads (e.g., XSS and SQL injection strings), these are explicitly labeled as test data for the agent to use when validating input sanitization on a target application, rather than instructions intended to subvert the agent's own logic.

web-testing