responsiveness-check
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands using playwright-cli to manage browser automation sessions and supports background execution for parallel testing of multiple URLs.
- [EXTERNAL_DOWNLOADS]: The skill performs network operations to retrieve content from external, untrusted websites as part of its layout testing functionality.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes and analyzes content from external websites that are not under the user's control.
- Ingestion points: External URLs accessed and rendered through browser automation tools (playwright-cli, Playwright MCP, and Chrome MCP).
- Boundary markers: Absent; the skill does not include specific instructions to the agent to ignore or isolate instructions found within the tested page content.
- Capability inventory: The skill exerts control over browser sessions (resize, navigate, screenshot), writes report files to the local disk, and manages concurrent subprocesses.
- Sanitization: Absent; no sanitization or filtering of the retrieved web content is performed before it is analyzed by the agent.
Audit Metadata