qa
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads the Playwright automation library and the Chromium browser engine from official package registries when the user consents to installation.
- [COMMAND_EXECUTION]: Executes shell commands to check for existing tools, launch the application's development server (e.g.,
npm run dev), and run automation scripts. - [REMOTE_CODE_EXECUTION]: Dynamically generates and executes JavaScript scripts to automate browser interactions. This is the primary functional requirement for performing QA verification tasks.
- [PROMPT_INJECTION]: The skill is subject to an indirect prompt injection surface because it reads and processes content from the web pages it tests.
- Ingestion points: Application routes, web page content, and project documentation (PRD) files.
- Boundary markers: None identified; the skill does not explicitly use delimiters to separate page content from instructions.
- Capability inventory: Execution of shell commands and file system writes for reports and screenshots.
- Sanitization: No specific sanitization or filtering of the ingested content is performed before processing.
Audit Metadata