develop-web-game
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill runs a local Node.js script (
web_game_playwright_client.js) to perform automated browser testing of the web game being developed. - [EXTERNAL_DOWNLOADS]: Instructions include checking for and installing the
playwrightand@playwright/mcppackages if they are not present in the environment. - [DATA_EXPOSURE]: The automation script saves screenshots, console error logs, and game state metadata to the local
output/web-gamedirectory for analysis. - [INDIRECT_PROMPT_INJECTION]: The skill implements a handoff mechanism using
progress.mdwhere the agent reads instructions and TODOs from previous iterations. While this is a standard workflow, it represents a surface where the agent processes external file content.
Audit Metadata