playwright

The codebase provides functional Playwright authentication setup with storageState-based session reuse and multi-role testing. The primary security risk arises from hardcoded credentials and persistent auth state files that could be leaked. Recommend unifying secret management, removing hardcoded credentials, ensuring .auth/ files are never committed, and adopting ephemeral or vault-backed secrets for CI/test environments. No malicious behavior detected, but risk of secret leakage and impersonation is non-trivial.