Skills
skills/bnadlerjr/dotfiles/using-playwright-cli/Gen Agent Trust Hub

using-playwright-cli

Warn

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill documents the use of eval and run-code commands, which permit the execution of arbitrary JavaScript within the active browser context.
  • [DATA_EXFILTRATION]: The skill provides instructions for retrieving sensitive session information through commands like cookie-get, cookie-list, localstorage-get, and state-save. These can be used to extract authentication tokens and session identifiers.
  • [DATA_EXFILTRATION]: Content capture commands such as snapshot, screenshot, and pdf allow the agent to export visible or structured page data, which may contain sensitive personal or corporate information.
  • [CREDENTIALS_UNSAFE]: Documentation examples illustrate the handling of credentials, including filling password fields and manually setting authentication cookies.
  • [EXTERNAL_DOWNLOADS]: The skill uses npx to fetch and execute the @playwright/cli package from the npm registry, which is a standard distribution method for this tool from a well-known provider.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it instructs the agent to read and process content from external websites via the snapshot and eval commands, which could contain malicious instructions designed to manipulate the agent's behavior.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 28, 2026, 10:17 PM