The Agent Skills Directory

[PROMPT_INJECTION]: The skill processes untrusted web content which could contain instructions designed to manipulate the agent's behavior.
Ingestion points: scripts/fetch-markdown.mjs fetches HTML from external URLs provided as input.
Boundary markers: The skill does not provide the agent with explicit instructions to ignore potentially malicious commands embedded in the converted markdown.
Capability inventory: The skill performs network requests and file system execution (via the provided scripts) to fetch and process content.
Sanitization: The script uses @mozilla/readability and turndown to convert HTML to Markdown, which removes executable scripts and tags, but leaves the underlying natural language content which can be used for indirect injection.

web-markdown-navigator