The Agent Skills Directory

[INDIRECT_PROMPT_INJECTION]: The skill instructions involve reading and interacting with content from web applications (e.g., using page.content() and page.locator()). This activity creates an ingestion surface for data from potentially untrusted web pages. However, the skill proactively includes a 'Security Notice' instructing the agent to sanitize dynamic content and selectors, which mitigates the risk of instructions embedded in the web application content influencing the agent's behavior.
[DYNAMIC_EXECUTION]: The provided code examples use page.evaluate() to run JavaScript in the browser context for tasks like managing local storage. While this involves dynamic code execution, it is used for legitimate testing purposes with static templates and is a core functionality of the Playwright library for which the skill is designed.

webapp-testing