Playwright Page Data Extractor
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill is distributed via external repositories and marketplaces associated with the author (agentskillexchange/skills).
- [COMMAND_EXECUTION]: Installation requires executing shell commands such as 'npx skills add' and 'clawhub install' to integrate the skill into the agent environment.
- [PROMPT_INJECTION]: As a web scraping tool, this skill inherently creates a surface for indirect prompt injection by ingesting untrusted data from the internet.
- Ingestion points: Scraped DOM content from 'page.evaluate()' and intercepted network responses from 'page.route()'.
- Boundary markers: Not specified in the skill body.
- Capability inventory: Includes the ability to execute JavaScript in a browser context and intercept network traffic.
- Sanitization: No explicit sanitization or filtering of scraped content is described in the prompt instructions.
Audit Metadata