playwright-ops

Pass

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No security issues detected. The skill primarily consists of documentation, best practices, and standard utility scripts for software testing.
  • [EXTERNAL_DOWNLOADS]: References official and well-known resources, including Microsoft's official container registry (mcr.microsoft.com) and standard Playwright installation commands (npx playwright install). These are established technology services and do not pose a security risk.
  • [CREDENTIALS_UNSAFE]: Appropriately handles sensitive data. Instructions explicitly recommend using environment variables (e.g., process.env.E2E_USER) and GitHub secrets rather than hardcoding credentials. It also includes guidance to add authentication state files (.auth/) to .gitignore to prevent accidental exposure.
  • [DATA_EXFILTRATION]: No unauthorized data access or external transmission patterns were identified. The network mocking and API testing sections describe standard development practices for stubbing and testing internal application endpoints.
  • [COMMAND_EXECUTION]: The bundled Python script (scripts/triage-flakes.py) is a safe utility for parsing local JSON test reports. It uses only Python standard libraries and does not perform network operations or execute arbitrary system commands.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 21, 2026, 07:49 PM
Security Audit — agent-trust-hub — playwright-ops