playwright-automation-expert
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill includes documentation for project scaffolding using Bash, PowerShell, and a Node.js script (
scripts/scaffold.mjs). These commands are designed to create local directory structures and configuration files (e.g.,.gitignore,fixtures/index.ts) consistent with the skill's purpose of setting up a testing framework. - [CREDENTIALS_UNSAFE]: Multiple reference files (e.g.,
references/api-rest-testing.md,references/configuration.md) contain hardcoded credentials likeuser@test.comandpassword123. These are clearly identified as generic placeholders for illustrative testing examples and do not represent the exposure of real secrets. - [EXTERNAL_DOWNLOADS]: The documentation provides standard instructions for installing the Playwright framework and browsers using
npm init playwright@latestandnpx playwright install. These target official, well-known registries and are standard for the technology. - [SAFE]: The skill emphasizes security best practices, such as explicitly instructing users to gitignore authentication state files (
auth.json) to prevent accidental credential leakage.
Audit Metadata