webapp-testing
Web Application Testing
To test local web applications, write native Python Playwright scripts.
Security Notice (Critical)
IMPORTANT: Input sanitization is required for safe testing.
- Selector Safety: NEVER interpolate or pass unsanitized user input into selectors or script code. Always validate, escape, and whitelist data sources.
- Template Variable Safety: Reject template variables ({{ }}) or undeclared variables in selectors or script code. Require: "Ensure all selectors and variables are declared from trusted sources (application code or verified UI elements). Never use template syntax like {{...}} in selectors."
- All dynamic content in selectors or test data must be properly escaped and sanitized before insertion into scripts
- Selectors should never incorporate unvalidated user input
- Identify selectors from the application codebase and visually confirmed UI elements, not from external or user-generated sources unless input is sanitized
- Avoid executing untrusted code in browser context
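One way to apply the selector rules above in a test helper, as an added example that is not part of the original skill. The names `TRUSTED_SELECTORS`, `trusted_selector`, `css_string`, `attr_selector` and `UnsafeSelectorError` are hypothetical, the sample selectors are constructed, and the result is assumed to be used as a CSS selector.

```python
import re

class UnsafeSelectorError(ValueError):
    """Raised when a selector or value fails the checks below."""

# Assumption: selectors declared from the application codebase (constructed sample).
TRUSTED_SELECTORS = {
    "login_button": "button#login",
    "result_row": "table#results tr",
}
ATTR_NAME = re.compile(r"[A-Za-z][A-Za-z0-9_-]*")

def reject_templates(text):
    """Refuse unrendered template syntax such as {{ name }}."""
    if "{{" in text or "}}" in text:
        raise UnsafeSelectorError(f"template syntax in {text!r}")
    return text

def trusted_selector(name):
    """Look up a declared selector; undeclared names are rejected."""
    if name not in TRUSTED_SELECTORS:
        raise UnsafeSelectorError(f"undeclared selector {name!r}")
    return reject_templates(TRUSTED_SELECTORS[name])

def css_string(value):
    """Serialize a dynamic value as a double-quoted CSS string literal."""
    out = []
    for ch in reject_templates(value):
        if ch == "\0":
            out.append("\ufffd")               # NUL is replaced, never emitted
        elif ch in '"\\':
            out.append("\\" + ch)              # cannot close the string early
        elif ord(ch) < 0x20 or ord(ch) == 0x7F:
            out.append(f"\\{ord(ch):x} ")      # control chars as hex escapes
        else:
            out.append(ch)
    return '"' + "".join(out) + '"'

def attr_selector(attr, value):
    """Build [attr="value"] from a validated name and an escaped value."""
    if not ATTR_NAME.fullmatch(attr):
        raise UnsafeSelectorError(f"bad attribute name {attr!r}")
    return f"[{attr}={css_string(value)}]"

if __name__ == "__main__":
    # Constructed hostile value: tries to break out of the attribute string.
    print(attr_selector("data-testid", 'a"], body [x="'))
    print(trusted_selector("login_button"))
```

The returned strings can be handed to Playwright's `page.locator()`; the quoted value stays inside the attribute string, so it cannot add a second selector.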