Playwright PDF Export Automation
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Playwright library to launch and control a headless Chromium browser instance (`chromium.launch`).
- [EXTERNAL_DOWNLOADS]: The skill's installation instructions describe downloading the package from the `agentskillexchange` repository via the `npx` command.
- [DATA_EXFILTRATION]: The skill documentation describes capabilities for handling sensitive session cookies and authentication headers. It also includes functionality to upload generated PDF documents to external AWS S3 storage via the `putObject` API.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it retrieves and processes arbitrary external data from the web.
  - Ingestion points: Target web content retrieved via the `page.goto()` method (SKILL.md).
  - Boundary markers: There are no boundary markers or instructions to the agent to disregard commands embedded in the processed web content.
  - Capability inventory: The skill possesses network access (S3 upload), browser manipulation (authentication injection), and local file system access.
  - Sanitization: The documentation does not describe any sanitization or validation of the remote web content before it is rendered and processed.
Audit Metadata