playwright-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: LOW
Full Analysis
- [Documentation & Purpose] (SAFE): The skill is purely instructional, providing best practices for Playwright (web automation). The content aligns with official documentation and poses no risk.
- [Indirect Prompt Injection] (LOW): While the skill advises on how to interact with external web content (a high-risk activity), it does not ingest untrusted data itself nor provide vulnerable patterns for data interpolation. It strictly provides static code patterns for common automation tasks.
- [Remote Code & Dependencies] (SAFE): No package installations or remote script executions are performed. References to external documentation (playwright.dev) are to legitimate, official sources.
- [Data Exposure] (SAFE): No commands or snippets access sensitive files, environment variables, or hardcoded credentials.
Audit Metadata