playwright-testing

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill facilitates the creation and execution of custom Python scripts using Playwright on a remote system via the nodes.run command. While intended for automation, this allows for runtime script generation and execution of code based on LLM outputs.
  • [PROMPT_INJECTION]: By navigating to and inspecting external web applications or games, the skill ingests untrusted data into the agent's context. A malicious site could use hidden text, DOM elements, or console logs to attempt to influence the agent's subsequent actions.
    • Ingestion points: Web page DOM, screenshots, and browser console logs accessed via Playwright (page.goto, page.locator, page.on('console')).
    • Boundary markers: No specific delimiters or instructions are provided to the agent to help it distinguish between legitimate test data and potentially malicious embedded instructions.
    • Capability inventory: Execution of shell commands and Python scripts via nodes.run and network navigation via the browser tool.
    • Sanitization: The skill does not describe any sanitization, filtering, or validation of the content retrieved from the target web pages before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: May 12, 2026, 08:05 AM