webapp-testing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [External Downloads] (SAFE): The skill instructs the user to install the Playwright framework via npm (
npm init playwright@latest). While this downloads external code, Playwright is a reputable industry-standard library, and the skill itself is hosted on a trusted GitHub organization (anthropics), which qualifies for a severity downgrade per [TRUST-SCOPE-RULE]. - [Indirect Prompt Injection] (LOW): This category is flagged because the skill navigates to and interacts with external or local web pages (e.g.,
page.goto). This creates a surface where an attacker-controlled web page could provide instructions to the agent. - Ingestion points:
page.goto,page.locator,page.content(). - Boundary markers: None explicitly defined in the provided snippets.
- Capability inventory: Browser navigation, screenshot capture, form interaction.
- Sanitization: None.
- Assessment: This is an inherent risk of browser automation tools; however, the severity is low given the intended testing use case and the agent's internal safety guardrails.
- [Data Exposure] (SAFE): The skill includes functionality to capture screenshots (
page.screenshot). This is a legitimate feature for a testing toolkit and does not involve unauthorized exfiltration of sensitive system files.
Audit Metadata