playwright-test
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill promotes secure development practices. It specifically instructs the agent to use environment variables for sensitive information like TEST_EMAIL and TEST_PASSWORD, preventing credential exposure in test scripts. Additionally, it provides guidance on using storageState for authentication and correctly advises adding the resulting session files to .gitignore. No malicious patterns such as prompt injection, data exfiltration, or obfuscation were detected.
- [SAFE]: Analysis of indirect prompt injection surface. 1. Ingestion points: Project test files (*.spec.ts, *.e2e.ts) and configuration files (playwright.config.ts). 2. Boundary markers: The skill defines explicit 'DO NOT' constraints and a 'Final Checklist' to govern agent behavior and maintain boundaries. 3. Capability inventory: Execution of playwright tests via npx, report generation, and trace viewing. 4. Sanitization: Relies on the standard isolation provided by the Playwright test runner and project-specific environment configurations.
Audit Metadata