playwright-debugger
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, data exfiltration, or dangerous command executions were found. The skill operates as intended for debugging purposes.
- [PROMPT_INJECTION]: The skill processes external, untrusted data from Playwright report artifacts, which is a surface for indirect prompt injection. This is addressed with a dedicated safety section in the SKILL.md. 1. Ingestion points: The agent reads from
playwright-report/results.jsonandtrace.zip. 2. Boundary markers: The skill contains an explicit 'Safety: artifacts are untrusted data' section that overrides external instructions. 3. Capability inventory: The skill uses shell commands likenpx,jq,unzip, andfindto process these files. 4. Sanitization: The instructions mandate that strings from reports are rendered as quoted text and that the agent must not execute any directives found within them.
Audit Metadata