develop-web-game
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Node.js script (
web_game_playwright_client.js) to automate browser testing and verify game states. \n- [EXTERNAL_DOWNLOADS]: The skill requires theplaywrightlibrary and suggests the installation of@playwright/mcpfor browser automation and agent integration. These are well-known tools for web automation. \n- [REMOTE_CODE_EXECUTION]: The script uses Playwright'spage.evaluate()andpage.addInitScript()to execute JavaScript within the browser context. This is used for a virtual time shim to ensure deterministic testing and to extract game state from the page. \n- [PROMPT_INJECTION]: The skill uses aprogress.mdfile to track development tasks and record the original user prompt. This creates a surface for indirect prompt injection, although it is utilized here for legitimate state management. \n - Ingestion points:
progress.mdfile (read in SKILL.md), action payload JSON files, and content from the target URL rendered in the browser. \n - Boundary markers: Absent for the progress file and action payloads. \n
- Capability inventory: File system access (read/write), browser automation with script injection, and local script execution. \n
- Sanitization: No explicit sanitization or validation of the content of the
progress.mdfile or action payloads beyond standard JSON parsing.
Audit Metadata