ui-demo
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's instructions and code snippets align with its stated purpose of browser automation and video recording. No obfuscation, persistence mechanisms, or credential theft patterns were found.
- [COMMAND_EXECUTION]: The skill facilitates the creation and execution of Node.js scripts using Playwright. This involves launching browser instances (e.g., Chromium) and performing automated interactions based on a generated script.
- [EXTERNAL_DOWNLOADS]: The skill references the 'playwright' Node.js package, which is an industry-standard library for web automation.
- [DATA_EXFILTRATION]: The skill ingests metadata from web pages to assist the agent in identifying interactive elements.
- Ingestion points: Page elements (tags, types, names, placeholders, and text content) are scraped using
page.evaluatein the 'Phase 1: Discover' section. - Boundary markers: None observed; the skill relies on direct DOM inspection.
- Capability inventory: The skill uses Playwright for browser control and the Node.js
fsmodule for local video file management. - Sanitization: Scraped element data is logged directly to the console for the agent to use when writing scripts.
Audit Metadata