webapp-playwright-testing
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides standard browser automation capabilities for testing and debugging web applications. It implements strong security controls by instructing the agent to limit its operational scope to local or owned environments (e.g., localhost).
- [PROMPT_INJECTION]: The skill documentation explicitly identifies and addresses the risk of indirect prompt injection from processed web content. It provides clear mitigation strategies for the agent to ensure safety.
  - Ingestion points: Data enters the agent context through browser snapshots (accessibility trees), network request monitoring (API responses), and console log inspection.
  - Boundary markers: The skill includes a dedicated 'Security Considerations' section that explicitly warns the agent to treat external content as data rather than instructions.
  - Capability inventory: The skill possesses the capability to interact with browsers (navigation, clicks, form-filling) and write screenshots to the local file system.
  - Sanitization: The instructions recommend validating all external data before use and strictly scoping activities to developer-owned URLs.
- [COMMAND_EXECUTION]: Browser interactions are performed via Playwright MCP tools. The execution of these commands is restricted by guidelines to prevent unauthorized navigation or interaction with untrusted third-party content.
Audit Metadata