The Agent Skills Directory

[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its processing of untrusted data. 1. Ingestion points: Configuration files (playwright.config.ts, package.json), source code files, and live browser DOM snapshots. 2. Boundary markers: No explicit delimiters or boundary instructions are provided for the agent when processing external content. 3. Capability inventory: File read and write access, file deletion, and browser automation via Playwright. 4. Sanitization: No sanitization or validation of the ingested content is defined.

e2e-ui-research