Predicate Snapshot

This skill appears to do what it says: prune DOM snapshots and optionally call Predicate's ML ranking service. Two things to consider before installing: 1) Prompt override risk — The docs explicitly tell you to edit your agent/system prompt so the agent always uses /predicate-snapshot. That is effectively a prompt-injection recommendation: if you follow it, the agent will prefer this skill for all page observations. Only do this if you trust the vendor and understand that snapshots (page elements and visible text) may be sent to an external service. 2) Data exfiltration surface — If you set PREDICATE_API_KEY, snapshots are likely sent to predicate.systems for ML ranking. These snapshots can include page text, links, and possibly sensitive data displayed in the browser. If you cannot or do not want page content leaving your environment, run only local mode (/predicate-snapshot-local) and avoid setting PREDICATE_API_KEY. Practical recommendations: - Review the '@predicatesystems/runtime' dependency (not included here) and inspect network endpoints it contacts before supplying an API key. - Test the skill in an isolated environment (the repo provides Docker test scripts) without setting PREDICATE_API_KEY or LLM keys first. - Do not blindly modify your agent/system prompt globally; instead, add /predicate-snapshot to specific task prompts where you trust it. - If you must use the API key, consider limiting usage via the suggested max_credits_per_session and monitor outbound network traffic. Given the explicit prompt-override guidance and the potential to send page snapshots externally, treat this skill as potentially risky unless you verify the external service and limit how broadly you apply the instructions.