webapp-testing

Warn

Audited by Socket on Mar 3, 2026

1 alert found:

Security: MEDIUM
SKILL.md

The webapp-testing skill is functionally coherent with its described purpose (Playwright-based local web app testing) and uses reasonable playbook patterns (waiting for networkidle, capturing console logs, avoiding shell=True). However, it requires broad local file/system access and explicit read/write access to agent memory files (.claude/context/memory/*). The Memory Protocol's mandatory reads and persistent writes are the highest-risk elements: they enable system-prompt extraction and persistent storage of any sensitive data discovered during tests. Additionally, installation steps that download browser binaries and the practice of starting project dev servers mean this skill will execute third-party code and perform network downloads during setup/runtime. Overall the component is useful for local testing but presents moderate-to-high supply-chain and data-leak risk in typical agent environments. Restrict this skill to trusted projects and disable or lock memory access when testing untrusted code or when agent memory contains sensitive internal prompts.

Confidence: 85%
Severity: 75%

Audit Metadata

Analyzed At: Mar 3, 2026, 09:27 AM
Package URL: pkg:socket/skills-sh/oimiragieo%2Fagent-studio%2Fwebapp-testing%2F@d49c30e7c9a272ce984e5e8c6c4da1279bea4ceb