playwright-skill

This script is a legitimate-but-powerful CLI runner for Playwright automation that intentionally executes arbitrary code supplied by the user. The file itself does not contain obfuscated or covert malicious payloads, but it enables dangerous operations: full rights code execution via writing and requiring temporary files, automatic execution of npm/npx install commands (supply-chain risk), and possible forwarding of environment-derived values into HTTP headers (risk of secret leakage). Treat any use of this tool as untrusted if input or the environment is not controlled. Recommend not running with untrusted scripts, avoid running the auto-install in sensitive environments, and inspect ./lib/helpers for what it reads from env before use.

The skill presents a coherent Playwright-based automation workflow that aligns with its stated purpose of generating and running test scripts against detected dev servers. However, the presence of an inline code execution pathway (passing JS to run.js) represents a significant potential for remote or unintended code execution, elevating the overall risk. Other aspects (writing to /tmp, using official package managers in setup, environment-variable header configuration) are within expected norms for a testing automation tool, but careful access control and domain restrictions should be enforced to prevent misuse. Overall risk is moderate with a suspicious edge due to the inline execution capability; treat as SUSPICIOUS to BENIGN borderline, leaning suspicious.