Playwright Mcp 1.0.0

Security checks across malware telemetry and agentic risk

Overview

This skill provides disclosed browser automation features that match its stated purpose, with some normal caution needed around credentials and saved browser outputs.

Install this if you want an agent to automate websites through Playwright. Use host allowlists when possible, avoid entering real credentials except on trusted sites, review submissions or account-changing actions before they run, and treat screenshots, traces, videos, and extracted page data as potentially sensitive.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The examples demonstrate logging into a website and submitting credentials without any warning about secrets handling, consent, or data transmission to external services. In a browser automation skill, this is especially risky because it normalizes entering usernames and passwords into arbitrary sites and may encourage use with real credentials, session cookies, or sensitive forms.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal