The Agent Skills Directory

[PROMPT_INJECTION]: The skill establishes a protocol for browsing external URLs and inspecting DOM snapshots (agent-browser open and snapshot in SKILL.md), which creates an indirect prompt injection surface. Ingestion occurs through these browser reading commands. While explicit prompt boundary markers are absent in the template, the protocol includes 'Judgment Gates' that require the agent to pause and ask the user for confirmation when encountering unexpected content or errors. The agent's capabilities include element interaction, script execution via eval, and authentication vault access.\n- [CREDENTIALS_UNSAFE]: The skill promotes secure credential management by instructing the use of an 'Auth Vault' (auth save and auth login) instead of manual form filling or hardcoded strings. The string 'secret' used in the example command is a generic documentation placeholder and does not represent a security risk.\n- [COMMAND_EXECUTION]: The skill provides instructions for the agent-browser tool to perform web automation tasks. It includes legitimate recovery patterns, such as handling SSL errors in staging environments (with a warning not to use in production) and managing page load timeouts via environment variables.

agent-browser-e2e