playwright
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCREDENTIALS_UNSAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- CREDENTIALS_UNSAFE (HIGH): Hardcoded credentials detected in template files. Evidence: 'assets/fixtures.ts' contains hardcoded password 'TestPassword123!' and email 'test@example.com'.
- PROMPT_INJECTION (HIGH): Significant risk of Indirect Prompt Injection (Category 8). Ingestion points: page.goto() and request.get() in SKILL.md and assets/test.spec.ts. Boundary markers: Absent. Capability inventory: Browser manipulation, network requests, and report generation. Sanitization: Absent; the agent is not instructed to validate or escape content from external pages.
- COMMAND_EXECUTION (MEDIUM): Arbitrary shell command execution capability. Evidence: webServer.command in assets/playwright.config.ts allows execution of system commands like 'pnpm dev'.
Recommendations
- AI detected serious security threats
Audit Metadata