playwright-interactive-sandbox
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for running local Node.js verification scripts and managing system processes using shell commands like node, npm, and kill.\n- [EXTERNAL_DOWNLOADS]: The skill references the npx playwright install command to download necessary browser binaries from well-known repositories.\n- [PROMPT_INJECTION]: An indirect prompt injection surface is present as the skill processes content from targeted web pages.\n
- Ingestion points: Web content loaded via page.goto() in SKILL.md.\n
- Boundary markers: No explicit delimiters or instruction-ignore warnings are present in the provided script patterns.\n
- Capability inventory: The skill has access to shell execution (node, npm) and process management (kill) capabilities.\n
- Sanitization: There is no evidence of sanitization or filtering applied to the ingested web data.
Audit Metadata