frontend-tester
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill ingests untrusted data via browser automation. Evidence: 1. Ingestion points: playwright_get_visible_html, playwright_console_logs. 2. Boundary markers: Absent. 3. Capability inventory: playwright_navigate, playwright_screenshot, playwright_resize. 4. Sanitization: Absent.
- [Data Exposure & Exfiltration] (LOW): Uses playwright_navigate to access non-whitelisted external domains for testing purposes. No sensitive data access or hardcoded credentials detected.
- [Prompt Injection] (SAFE): Static instructions do not contain safety bypass or system prompt extraction patterns.
- [Unverifiable Dependencies] (SAFE): All referenced libraries (Jest, RTL, MSW, React Query) are standard industry tools.
Audit Metadata