buildwright
Review
Audited by ClawScan on May 10, 2026.
Overview
Buildwright implements an autonomous coding-and-PR workflow, but it can trust workspace-provided agent prompts while holding repository write access, so users should review it carefully before enabling automation.
Install only if you are comfortable with an agent modifying your repository and opening PRs. Start with `BUILDWRIGHT_AUTO_APPROVE` unset, use a fine-grained single-repo GitHub token, run it on a branch or sandbox first, and inspect any `.buildwright/agents/` prompt files before letting the workflow operate autonomously.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A repo could include prompt files that influence how the agent writes code, reviews security, or proceeds with changes.
Workspace-controlled files are treated as agent instructions. In an untrusted repository, those prompt files could redirect the agent's review criteria, approval behavior, or implementation choices.
instructions loaded from `.buildwright/agents/` files in the workspace... The agent adopts these personas
Inspect and trust `.buildwright/agents/` before running the skill, especially in cloned or third-party repositories; keep those prompts limited to review criteria and do not let them override user approvals or safety rules.
The agent can create commits, push branches, and open GitHub pull requests.
The skill is designed to use developer tooling to modify the repository and publish changes. This is central to the stated purpose, but it is high-impact if run in the wrong repo or with broad credentials.
Commit, push, and open a PR via `gh`
Use it first in a sandbox or on a non-critical branch, review diffs before merging, and avoid enabling autonomous approval until you are comfortable with the workflow.
A broadly scoped token could allow changes across more repositories than intended.
The required token has repository write authority. The artifact discloses this and recommends fine-grained tokens, so it is purpose-aligned rather than hidden.
`GITHUB_TOKEN` | Push commits and open PRs via `gh` | `repo` scope (read/write)
Use a fine-grained GitHub token limited to the single repository and only the needed Contents and Pull Request permissions.
Local project summaries may persist implementation details and may guide future agent decisions.
The skill can create and refresh persistent codebase summaries. This is useful for development, but stale or manipulated summaries could influence later work.
`/bw-analyse` ... write structured docs to `.buildwright/codebase/` ... auto-refreshes existing docs when `BUILDWRIGHT_AUTO_APPROVE=true`
Review generated `.buildwright/codebase/` documents, exclude secrets, and refresh them only from trusted repository contents.
