playwright-explore-website
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through processing untrusted website content.\n
- Ingestion points: The agent navigates to and interacts with data from external URLs provided at runtime via the SKILL.md instructions.\n
- Boundary markers: There are no delimiters or specific instructions provided to the agent to treat website content as data only or to ignore embedded instructions.\n
- Capability inventory: The agent identifies features, interacts with UI elements, and generates test cases based on the content found.\n
- Sanitization: No validation or sanitization of the website's HTML or text content is performed before interaction.
Audit Metadata