playwright
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides a legitimate and well-documented interface for terminal-based browser automation.
- [EXTERNAL_DOWNLOADS]: The skill uses
npxto execute the@playwright/clipackage. This package is an established tool from the Microsoft ecosystem, making its use a standard and expected operation within this context. - [COMMAND_EXECUTION]: A shell wrapper script (
scripts/playwright_cli.sh) is used to invoke the CLI tool. The script is correctly implemented with error handling (set -euo pipefail) and follows security best practices for process execution. - [DATA_EXFILTRATION]: While the skill interacts with web content, its data access and artifact creation (screenshots, traces) are strictly limited to the intended automation tasks and user-specified local directories.
- [PROMPT_INJECTION]: The skill ingests untrusted data by reading web content through snapshots and browser evaluations. While there are no explicit boundary markers or sanitization logic present in the instructions to prevent indirect prompt injection from malicious websites, this risk is inherent to browser automation and is documented as the skill's primary function.
Audit Metadata