The Agent Skills Directory

[EXTERNAL_DOWNLOADS]: The skill communicates with the external API at api.browser-use.com to manage browser automation tasks, which is the stated purpose of the skill.
[COMMAND_EXECUTION]: Employs curl to perform API operations such as creating tasks and retrieving session results. This is standard behavior for CLI-based agent tools.
[DATA_EXFILTRATION]: Transmits user-defined task descriptions to the Browser Use API. This is necessary for the cloud-based automation service to function.
[CREDENTIALS_UNSAFE]: Correctly utilizes the $BROWSER_USE_TOKEN environment variable for API authentication instead of hardcoding sensitive credentials.
[PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it retrieves data from external web environments navigated by the AI agent.
Ingestion points: Task results containing web content are retrieved via the GET /api/v2/tasks/<task-id> endpoint in SKILL.md.
Boundary markers: No explicit delimiters or instructions to ignore embedded commands are used in the prompt interpolation.
Capability inventory: The agent can execute shell commands (curl) and write to the local filesystem (/tmp) as described in SKILL.md.
Sanitization: No specific sanitization or filtering of the retrieved browser output is defined.

browser-use