Skills
skills/brianlovin/agent-config/playwriter/Gen Agent Trust Hub

playwriter

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the playwriter CLI to perform browser actions as part of its core functionality.
  • [EXTERNAL_DOWNLOADS]: The skill fetches the playwriter package from the public npm registry, which is a well-known service.
  • [REMOTE_CODE_EXECUTION]: The skill uses npx to download and run the Playwriter tool and executes arbitrary JavaScript in the browser using the tool's execution flag.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection.
  • Ingestion points: The skill reads page URLs, titles, accessibility snapshots, and console logs from active tabs (SKILL.md).
  • Boundary markers: No delimiters or instructions to ignore embedded content are provided.
  • Capability inventory: The skill can execute JavaScript, click elements, and perform other browser interactions (SKILL.md).
  • Sanitization: No evidence of sanitization or filtering of the content retrieved from the browser.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 12:16 AM