testing-browser
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes content from external web pages, which presents a surface for indirect prompt injection. Ingestion points: URL navigation performed in
snapshot.py,screenshot.py,verify.py, andinteract.py. Boundary markers: Explicit warning messages are appended to script outputs to instruct the agent to ignore directives found within captured content. Capability inventory: The skill includeswith_server.pyfor executing subprocess commands andinteract.pyfor automated browser interactions. Sanitization: Content is retrieved via Playwright's synchronization API and presented as accessibility snapshots or logs. - [COMMAND_EXECUTION]: The
with_server.pyscript manages local development server lifecycles by executing commands provided via the--cmdflag throughsubprocess.Popen. This is a primary function of the skill for developer workflows. - [EXTERNAL_DOWNLOADS]: Documentation in
SKILL.mdguides the installation of theplaywrightlibrary and browser binaries from official package registries.
Audit Metadata