dotnet-playwright
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates interaction with external web pages, creating a surface for indirect prompt injection. An agent could potentially execute malicious instructions if they are encountered within the content of a navigated page.
- Ingestion points: Use of
Page.GotoAsync()and data extraction via locators inSKILL.md. - Boundary markers: No explicit delimiters or instructions are provided in
SKILL.mdto distinguish untrusted web content from internal agent logic. - Capability inventory: Includes full browser automation, file uploads via
Page.SetInputFilesAsync(), and network navigation inSKILL.md. - Sanitization: No sanitization of page content is described in
SKILL.mdbefore processing. - [COMMAND_EXECUTION]: Provides instructions in
SKILL.mdfor installing browser binaries using standardpwshscripts and thedotnetCLI. These operations are part of the official Microsoft Playwright setup process and target trusted tools. - [EXTERNAL_DOWNLOADS]: Orchestrates the download of browser binaries (Chromium, Firefox, WebKit) from official Microsoft repositories as described in
SKILL.mdto enable end-to-end testing functionality.
Audit Metadata