The Agent Skills Directory

[INDIRECT_PROMPT_INJECTION]:
Ingestion points: The skill ingests untrusted business data and review text from the web through scripts/get_reviews.py and scripts/scrape_reviews.py.
Boundary markers: Absent. Instructions for the LLM-driven browser agent do not include delimiters or specific guidance to ignore malicious instructions embedded in scraped text.
Capability inventory: The skill can perform automated web navigation and access local environment configuration files for credentials.
Sanitization: External content is processed by the agent without prior filtering or sanitization.
[UNVERIFIABLE_DEPENDENCIES]: The skill documentation includes instructions to install several third-party libraries including browser-use, playwright, and langchain-openai to facilitate browser automation.
[DATA_EXPOSURE]: Internal scripts are configured to read API keys for Yelp, OpenAI, and Browserbase from a local .env file, which is a standard pattern for credential management in this context.

yelp-search