playwright-tests
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill provides a command to fetch external content using curl from 'https://fullstackrecipes.com/api/recipes/playwright-tests'. As this domain is not within the trusted scope, the downloaded content is unverifiable and poses a security risk.
- [PROMPT_INJECTION] (LOW): The skill is vulnerable to Indirect Prompt Injection through its ingestion of external data. * Ingestion points: Remote API call to fullstackrecipes.com. * Boundary markers: None identified in the prompt instructions to isolate external content. * Capability inventory: Full browser automation via Playwright, which can access local network resources and perform file operations. * Sanitization: None identified.
Audit Metadata