skills/arisng/github-copilot-fc/blazor-interactive-ssr-adhoc-testing-playwright-cli/Gen Agent Trust Hub
blazor-interactive-ssr-adhoc-testing-playwright-cli
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected in the skill instructions or workflows.
- [COMMAND_EXECUTION]: The skill provides examples of shell commands to be executed via playwright-cli, targeting local development environments by default (e.g., localhost:5001).
- [INDIRECT_PROMPT_INJECTION]: The skill uses tools that ingest data from potentially untrusted web pages, creating an attack surface for indirect prompt injection. (1) Ingestion points: playwright-cli eval, playwright-cli snapshot, playwright-cli console, and playwright-cli network in SKILL.md. (2) Boundary markers: Absent. (3) Capability inventory: playwright-cli click, playwright-cli fill, and playwright-cli run-code in SKILL.md. (4) Sanitization: Absent.
- [DYNAMIC_EXECUTION]: The skill uses playwright-cli eval and playwright-cli run-code to execute JavaScript within the browser context for UI testing purposes, which is standard functionality for this type of tool.
Audit Metadata