browser-recording
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute system commands including npx playwright, npm install, and file system utilities like find to locate video output files.
- [REMOTE_CODE_EXECUTION]: The skill's core functionality involves executing Playwright spec files (.spec.ts or .spec.js). These are JavaScript/TypeScript scripts that run in a Node.js environment, allowing for the execution of arbitrary logic defined within those files.
- [EXTERNAL_DOWNLOADS]: The skill initiates the download of the @playwright/test library and browser binaries from the npm registry. These are from a well-known vendor (Microsoft).
- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it processes external spec files and interacts with web content.
- Ingestion points: The content and file paths of Playwright spec files.
- Boundary markers: No boundary markers or instructions are provided to the agent to ignore embedded instructions within the processed specs.
- Capability inventory: The skill has access to the Bash tool and a full Node.js execution environment through Playwright, enabling file system and network operations.
- Sanitization: No sanitization or validation of the spec file content is performed before execution.
Audit Metadata