testing-e2e
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script create-page-object.md utilizes shell commands via a '!' prefix to perform discovery tasks such as finding test directories and searching for existing locator patterns. These commands (find, grep, date) help customize the generated page object templates based on the local codebase.\n- [EXTERNAL_DOWNLOADS]: The skill documentation references several well-known testing and accessibility packages including @playwright/test, @axe-core/playwright, and jest-axe. These tools are standard in the industry and are expected to be installed via official package managers from trusted sources.\n- [REMOTE_CODE_EXECUTION]: Instructions in references/playwright-setup.md and rules/e2e-ai-agents.md describe the initialization of AI agents using npx playwright init-agents. This command fetches and executes code from the Playwright ecosystem to enable autonomous testing features.\n- [PROMPT_INJECTION]: The 'Healer' and 'Generator' agent workflows described in the skill process live application content to maintain and create tests. This creates a surface for indirect prompt injection where a malicious web page could attempt to influence the agent's test repair logic.\n
- Ingestion points: Application DOM content and state accessed by Playwright agents during execution (e.g., in rules/e2e-ai-agents.md).\n
- Capability inventory: Shell command execution via npx and file system modification for test script generation.\n
- Boundary markers: None explicitly provided in the agent instruction templates.\n
- Sanitization: The patterns do not include explicit sanitization of the application data before it is interpreted by the AI agents.
Audit Metadata