Skills
skills/christopheralphonse/calphonse-skills/playwright-cli/Gen Agent Trust Hub

playwright-cli

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill makes extensive use of the playwright-cli tool to execute browser actions and arbitrary JavaScript snippets within the browser context via the run-code and eval subcommands.
  • [EXTERNAL_DOWNLOADS]: Instructs the user to install the @playwright/cli package from the NPM registry. This tool is part of the Playwright ecosystem maintained by Microsoft, which is a trusted organization.
  • [CREDENTIALS_UNSAFE]: The skill handles sensitive browser session data through commands like state-save and cookie-list. The documentation provides clear guidance on preventing these files from being committed to version control and managing them securely.
  • [PROMPT_INJECTION]: The skill's ability to ingest content from web pages (via snapshot or eval) and then use that data to drive browser actions (like click or run-code) creates a surface for indirect prompt injection. This is a common characteristic of browser automation tools.
Audit Metadata
Risk Level
SAFE
Analyzed
May 17, 2026, 03:33 PM