The Agent Skills Directory

Indirect Prompt Injection Surface: The skill processes data from a user-provided target URL (ingestion point) to gather layout and style information. Because this data comes from external websites and the skill has capabilities such as file system access and shell execution (capability inventory), there is a potential for instructions embedded in the website's HTML to be processed by the agent. Boundary markers or specific sanitization steps for this ingested data are not explicitly defined in the instruction set.
Retrieval of Remote Assets: The workflow involves downloading assets like images, fonts, and videos from the source URL. This is a standard part of the site-cloning process and is handled via the browser toolset.
Environment and Context Interaction: To maintain consistency with a user's workflow, the skill reads from user context which may include codebase paths and design system tokens. It also executes local shell commands to run preflight scripts and host the generated prototype locally.
Ethical and Safety Guardrails: The instructions include a mandatory step to warn users about following the target website's terms of service and emphasize that the tool should only be used for sites the user owns or has permission to clone.

url-to-code