iros-registry-automation

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill guides the user to clone an external repository from GitHub (github.com/challengekim/iros-registry-automation). To mitigate supply chain risks, the instructions include a specific commit SHA (7c6924b2ff88d693a12556659188cb91041e5097) stored in scripts/upstream.pin to ensure code integrity.
  • [COMMAND_EXECUTION]: The automation process involves running local Python scripts (iros_cart.py, iros_download.py, iros_wizard.py) to control a browser via Playwright. This execution is scoped to the primary purpose of the skill and relies on the pinned external code.
  • [PROMPT_INJECTION]: The skill includes explicit instructions and 'Hard limits' that prevent the agent from attempting to handle sensitive actions like login or payment. By mandating that these steps be performed manually by the user in the browser, the skill reduces the risk of unauthorized access or credential theft.
  • [DATA_EXPOSURE]: Detailed instructions are provided to ensure that sensitive input files (containing corporate registration numbers or property addresses) and output PDFs are stored in a restricted temporary directory (chmod 700) outside of the git repository, preventing accidental data leaks through version control or logs.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 11:20 AM