playwright-scraper
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the ingestion of untrusted content from external websites using Playwright's navigation and extraction methods, creating a potential surface for indirect prompt injection.
- Ingestion points: Usage of
page.goto()andpage.evaluate()methods described inSKILL.md. - Boundary markers: The provided examples do not include delimiters or instructions to ignore embedded commands within the scraped content.
- Capability inventory: Includes browser automation, screenshot capture, and access to environment variables.
- Sanitization: No specific sanitization or filtering of the extracted web data is described in the usage patterns.
- [EXTERNAL_DOWNLOADS]: Recommends the installation of the
playwrightpackage from the official NPM registry, which is a well-known service from a recognized organization.
Audit Metadata