Skills
skills/phuetz/code-buddy/playwright/Gen Agent Trust Hub

playwright

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches official Playwright libraries and browser binaries from Microsoft's infrastructure.
  • [COMMAND_EXECUTION]: Provides standard CLI commands for environment setup and execution of browser automation tasks.
  • [PROMPT_INJECTION]: The skill provides browser automation capabilities which expose an indirect prompt injection surface.
  • Ingestion points: External web content is ingested through functions like page.goto(), page.textContent(), and page.evaluate() in SKILL.md.
  • Boundary markers: No delimiters or protective markers are used in the examples to isolate web content from agent instructions.
  • Capability inventory: The agent can perform interactive actions like page.click() and page.fill() as demonstrated in SKILL.md.
  • Sanitization: No sanitization or data validation methods for external content are shown in the provided examples.
  • [SAFE]: No malicious obfuscation, hidden commands, or unauthorized data exfiltration were detected in the skill documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 18, 2026, 07:13 AM