playwright-testing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill provides templates for web automation, creating a surface for Indirect Prompt Injection if the agent interacts with malicious websites.\n
- Ingestion points: Web content ingested through locators and page navigation in
reference/structure.mdandreference/debugging.md.\n - Boundary markers: Absent in the provided code templates.\n
- Capability inventory: Ability to execute shell commands (npx playwright test) and perform network requests via the test runner.\n
- Sanitization: None specified for dynamic web content ingested during test execution.\n- [EXTERNAL_DOWNLOADS] (SAFE): CI templates reference official browser installations and dependency management from trusted sources like Microsoft and the npm registry.\n- [CREDENTIALS_UNSAFE] (SAFE): Placeholder credentials (e.g., user@example.com) are used for illustrative purposes in documentation and do not represent a leak of actual secrets.\n- [DATA_EXFILTRATION] (SAFE): The recommended use of storageState for session persistence follows official framework best practices for test isolation and performance.
Audit Metadata