skills/comet-ml/opik/playwright-e2e/Gen Agent Trust Hub

playwright-e2e

Warn

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs agents to modify the user's local configuration file at ~/.opik.config to ensure it points to a local API. Automated modification of configuration files in the home directory is a sensitive operation that can impact environment stability.
  • [COMMAND_EXECUTION]: The generator and healer agents are explicitly authorized to modify the target application's source code within apps/opik-frontend/src/ to add data-testid attributes. This provides a direct mechanism for the agent to inject arbitrary code into the application being tested.
  • [PROMPT_INJECTION]: The playwright-test-healer agent is instructed to perform fixes autonomously without asking the user questions. This lack of human oversight, combined with the capability to write to application source files, creates a significant risk of undetected malicious modifications.
  • [PROMPT_INJECTION]: The healer agent is vulnerable to indirect prompt injection as it processes failing test outputs and error logs, which could contain attacker-controlled instructions.
      1. Ingestion point: agents/playwright-test-healer.md.
      2. Boundary markers: Absent.
      3. Capability inventory: Writing to application source code and running shell commands.
      4. Sanitization: Absent.
  • [EXTERNAL_DOWNLOADS]: The skill requires running standard installation commands (npm install, npx playwright install). While these are necessary for the skill's primary function, they involve downloading external code to the local environment.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 24, 2026, 04:47 PM