The Agent Skills Directory

[PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill is designed to automatically activate and process user-controlled test files and configuration files, which could contain malicious instructions. * Ingestion points: Reads *.spec.ts files, package.json, and playwright.config.ts from the user's workspace. * Boundary markers: The skill lacks explicit instructions or delimiters to prevent the agent from following instructions embedded within the processed files. * Capability inventory: The skill utilizes Bash, Read, Grep, and Glob tools, providing a significant capability tier for a potential attacker to exploit if an injection is successful. * Sanitization: There is no evidence of content sanitization or validation of the external data before it is processed by the agent.
[PROMPT_INJECTION]: Metadata Inconsistency. The file REVIEW.md contains a critical review of the skill (version 1.0.0) that describes missing resources and capabilities which are actually present in the SKILL.md (version 1.1.0) and the file structure. While likely due to an outdated review file, this discrepancy in metadata is technically deceptive.
[EXTERNAL_DOWNLOADS]: The diagnostic script scripts/check-playwright-setup.sh checks for and suggests the installation of Playwright browsers using the standard npx playwright install command from the official vendor.
[COMMAND_EXECUTION]: The skill provides a bash script scripts/check-playwright-setup.sh intended to be run by the agent to validate the local environment. It uses standard utilities like grep, find, and sed to parse local project files.

playwright-testing