playwright-e2e

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill directs the agent to execute terminal commands like pnpm test:e2e to verify test suites. Autonomous shell execution without human oversight is a high-risk behavior.
  • [PROMPT_INJECTION] (HIGH): The 'Verification Workflow' section contains an explicit instruction to bypass human-in-the-loop safety checks: 'Do NOT tell the user to run the tests themselves - run them and report the results.' This overrides standard safety protocols regarding autonomous command execution.
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface. 1. Ingestion points: Playwright locators (e.g., getByText, getByRole) reading untrusted web content. 2. Boundary markers: Absent. 3. Capability inventory: Subprocess calls via pnpm. 4. Sanitization: Absent.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 17, 2026, 06:33 PM