Skills
skills/involvex/awesome-copilot/webapp-testing/Gen Agent Trust Hub

webapp-testing

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documentation indicates that it automatically installs the Playwright framework. Playwright is a standard, well-known tool for browser automation and testing.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface.
  • Ingestion points: Untrusted data enters the agent's context through browser console logs captured by the captureConsoleLogs function in test-helper.js and through page content interaction defined in SKILL.md.
  • Boundary markers: The skill does not use delimiters or instructions to help the agent distinguish between application data and its own system instructions.
  • Capability inventory: The skill possesses file-writing capabilities through the captureScreenshot function in test-helper.js.
  • Sanitization: There is no logic provided to sanitize or filter the data ingested from the browser console or web page before the agent processes it.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 21, 2026, 08:43 PM