essential-tools

Warn

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill recommends the installation of an external Node.js package for browser automation capabilities. In reference/playwright-automation.md, the instructions for setting up the Playwright MCP server specify the use of @executeautomation/playwright-mcp-server. This package is not provided by a recognized or trusted organization, introducing a potential supply chain risk.
  • [COMMAND_EXECUTION]: Instructions for binary analysis include the use of unsafe data deserialization. The reference/binary-analysis-quickstart.md file provides a Python command string that uses marshal.loads() to process data extracted from binaries. As the marshal module is not secure against maliciously crafted data, this practice can lead to arbitrary code execution if the analyzed binary is untrusted.
  • [PROMPT_INJECTION]: The skill's architecture creates a large attack surface for indirect prompt injection. External web content is ingested through the playwright_navigate and playwright_snapshot tools described in reference/playwright-automation.md. The skill provides no instructions for using boundary markers or safety warnings to prevent the agent from executing instructions found within that external data, yet it employs powerful capabilities, including dynamic JavaScript execution via playwright_evaluate and automated form submission. There is no evidence that data retrieved from external websites is sanitized or validated before the agent processes it.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 11, 2026, 07:45 AM