The Agent Skills Directory

[Command Execution] (SAFE): The skill utilizes shell scripts and npx to execute Playwright tests and perform metric collection. These operations are standard for an E2E testing framework. Evidence: Scripts gather-e2e-metrics.sh and validate-e2e-coverage.sh invoke npx playwright test.
[Indirect Prompt Injection] (LOW): The prompt create-e2e-test-plan.prompt.md reads specification files from the local environment (spec.md) to generate test cases. This presents a theoretical injection surface if the specification files contain malicious instructions, but this is a necessary design for the skill's functionality. Evidence: Ingestion points: specs/{feature}/spec.md, specs/{feature}/stories/{story-id}/story-tracker.md; Boundary markers: Absent; Capability inventory: Execute (npx), Edit (file writing); Sanitization: Absent.

playwright-testing