playwright-cli
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exposes the agent to indirect prompt injection from untrusted web content. * Ingestion points: Web page snapshots saved as YAML in the '.playwright-cli/' directory. * Boundary markers: No delimiters or instruction-ignore warnings are specified. * Capability inventory: Access to the 'Bash' tool for command execution and browser control. * Sanitization: No sanitization of ingested web content is documented.
- [EXTERNAL_DOWNLOADS]: Fetches the '@playwright/cli' package from the official npm registry. The package is maintained by Microsoft.
- [COMMAND_EXECUTION]: Leverages the 'Bash' tool to perform browser interactions such as navigation, clicking, and form filling through the 'playwright-cli' command.
Audit Metadata