playwright-expert
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill consists of legitimate technical documentation and code templates for browser automation. The logic provided aligns with standard software testing practices.
- [EXTERNAL_DOWNLOADS]: The CI/CD and configuration files contain standard commands to fetch Playwright browsers and Node.js dependencies (e.g., 'npx playwright install'). These actions target official Microsoft/Playwright repositories, which are well-known and trusted sources for the intended functionality.
- [PROMPT_INJECTION]: The skill processes user-defined requirements to generate automated tests, establishing an attack surface for indirect instructions.
- Ingestion points: User requirements and UI flow descriptions defined in the 'Analyze requirements' step.
- Boundary markers: No explicit delimiters or instructions are used in the templates to differentiate between legitimate test requirements and potentially malicious embedded instructions.
- Capability inventory: Browser automation, network interception, and local report generation via the Playwright framework.
- Sanitization: The skill relies on the user to manually verify and validate the generated code before execution in a sensitive environment.
Audit Metadata