playwright-responsive-screenshots
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it interacts with untrusted external data.
- Ingestion points: Untrusted data enters the agent context via the
browser_navigatetool when visiting URLs specified by the user (found inSKILL.mdandreferences/playwright-api.md). - Boundary markers: The instructions do not specify any delimiters or explicit warnings to the agent to ignore instructions embedded within the content of the target websites.
- Capability inventory: The skill utilizes
browser_navigate,browser_take_screenshot, andbrowser_resize(across all files), and potentiallybrowser_snapshotorbrowser_console_messages(mentioned inreferences/playwright-api.md), which could allow an attacker to influence agent behavior if the agent reads page content or logs. - Sanitization: There is no mention of sanitizing or filtering the page content or console logs before the agent processes them.
Audit Metadata