Skills
skills/wubabalala/claude-skills/playwright-web-automation/Gen Agent Trust Hub

playwright-web-automation

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates the execution of shell commands such as npx playwright, npm install, and node to perform browser automation and script execution. These commands are essential for the primary purpose of the skill. Agents should ensure parameters like URLs are sanitized before passing them to the shell.\n- [EXTERNAL_DOWNLOADS]: Dependencies such as the playwright library are installed via npm, and the Mermaid rendering library is loaded from the well-known jsdelivr.net CDN. These sources are considered trusted for their respective purposes.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface where untrusted data (e.g., Mermaid diagram code or prompt text) is interpolated into browser sessions or HTML templates without explicit sanitization.\n
  • Ingestion points: examples/diagramgpt.mjs (PROMPT constant), examples/mermaid-render.mjs (diagrams array), and SKILL.md (recording output pasted by user).\n
  • Boundary markers: Absent.\n
  • Capability inventory: fs.writeFileSync (file system access), chromium.launch (network/browser control), and node script execution are used throughout the skill.\n
  • Sanitization: No explicit sanitization or validation of the ingested external content is implemented before it is executed or rendered in the browser context.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 17, 2026, 08:14 AM