ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Tmp.SpQgKzelJa

Production-grade Playwright testing toolkit. Use when the user mentions Playwright tests, end-to-end testing, browser automation, fixing flaky tests, test mi...

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 124 · 0 current installs · 0 all-time installs
byAlireza Rezvani@alirezarezvani
duplicate of @alirezarezvani/playwright-pro
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The SKILL.md claims extensive functionality (two MCP TypeScript servers, 55 templates, 3 agents, reference/ and templates/ directories, and Claude Code slash-commands). The published package contains only SKILL.md (no code, no servers, no templates, no install spec). That mismatch means the skill is promising external resources or generated assets that are not present in the bundle; it's unclear how those capabilities are actually provided.
!
Instruction Scope
Instructions instruct the agent to scaffold configs, generate and modify test files, run local commands (e.g., npx playwright test), and sync/run on external services. They reference local directories (reference/, templates/) and runtime behavior (auto-apply fixes) that do not exist in the package. While the actions themselves are aligned with Playwright tasks, the instructions presume access to project files and optional external services; the skill does not document where its claimed server-side components live or how slash-commands are wired, leaving an operational gap.
Install Mechanism
No install spec and no code files are included; that minimizes direct installation risk (nothing is downloaded or written by the skill itself). However, the lack of install mechanism exacerbates the coherence issues because the SKILL.md references components that would normally be installed or hosted.
Credentials
SKILL.md shows optional env var examples for TestRail and BrowserStack credentials, which are reasonable for the claimed integrations. The package manifest does not require any env vars (good). Because those credentials are optional and only needed for the corresponding integrations, the requests themselves are proportionate — but you should only provide them if you understand where and how the skill will use them (see purpose/install concerns).
Persistence & Privilege
The skill does not request always-on presence (always:false) and does not declare any special system privileges or config paths. Autonomous invocation is allowed (platform default), which is expected for an agent skill. No requests to modify other skills or system-wide settings are present.
What to consider before installing
This skill is instruction-only but claims many assets and hosted components that are not included. Before installing or supplying any credentials: 1) Ask the publisher where the claimed MCP servers, templates, and reference files are hosted and how the slash-commands are wired — request URLs, repository links, or an install artifact. 2) Do not provide TestRail or BrowserStack credentials until you verify the integration endpoints and trust the service. 3) If you let the agent run scaffold/generation commands, review generated files before committing them and run tests in an isolated environment (avoid exposing CI secrets). 4) If the publisher cannot provide the missing code or a clear architecture, treat this package as incomplete/untrusted; prefer a skill that either bundles the templates or documents precise external endpoints and install steps.

Like a lobster shell, security has layers — review code before you run it.

Current versionv2.1.3
Download zip
latestvk976k8gcm8beavsaapmz4a8cjx82mts0

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Playwright Pro

Production-grade Playwright testing toolkit for AI coding agents.

Available Commands

When installed as a Claude Code plugin, these are available as /pw: commands:

CommandWhat it does
/pw:initSet up Playwright — detects framework, generates config, CI, first test
/pw:generate <spec>Generate tests from user story, URL, or component
/pw:reviewReview tests for anti-patterns and coverage gaps
/pw:fix <test>Diagnose and fix failing or flaky tests
/pw:migrateMigrate from Cypress or Selenium to Playwright
/pw:coverageAnalyze what's tested vs. what's missing
/pw:testrailSync with TestRail — read cases, push results
/pw:browserstackRun on BrowserStack, pull cross-browser reports
/pw:reportGenerate test report in your preferred format

Quick Start Workflow

The recommended sequence for most projects:

1. /pw:init          → scaffolds config, CI pipeline, and a first smoke test
2. /pw:generate      → generates tests from your spec or URL
3. /pw:review        → validates quality and flags anti-patterns      ← always run after generate
4. /pw:fix <test>    → diagnoses and repairs any failing/flaky tests  ← run when CI turns red

Validation checkpoints:

  • After /pw:generate — always run /pw:review before committing; it catches locator anti-patterns and missing assertions automatically.
  • After /pw:fix — re-run the full suite locally (npx playwright test) to confirm the fix doesn't introduce regressions.
  • After /pw:migrate — run /pw:coverage to confirm parity with the old suite before decommissioning Cypress/Selenium tests.

Example: Generate → Review → Fix

# 1. Generate tests from a user story
/pw:generate "As a user I can log in with email and password"

# Generated: tests/auth/login.spec.ts
# → Playwright Pro creates the file using the auth template.

# 2. Review the generated tests
/pw:review tests/auth/login.spec.ts

# → Flags: one test used page.locator('input[type=password]') — suggests getByLabel('Password')
# → Fix applied automatically.

# 3. Run locally to confirm
npx playwright test tests/auth/login.spec.ts --headed

# 4. If a test is flaky in CI, diagnose it
/pw:fix tests/auth/login.spec.ts
# → Identifies missing web-first assertion; replaces waitForTimeout(2000) with expect(locator).toBeVisible()

Golden Rules

  1. getByRole() over CSS/XPath — resilient to markup changes
  2. Never page.waitForTimeout() — use web-first assertions
  3. expect(locator) auto-retries; expect(await locator.textContent()) does not
  4. Isolate every test — no shared state between tests
  5. baseURL in config — zero hardcoded URLs
  6. Retries: 2 in CI, 0 locally
  7. Traces: 'on-first-retry' — rich debugging without slowdown
  8. Fixtures over globals — test.extend() for shared state
  9. One behavior per test — multiple related assertions are fine
  10. Mock external services only — never mock your own app

Locator Priority

1. getByRole()        — buttons, links, headings, form elements
2. getByLabel()       — form fields with labels
3. getByText()        — non-interactive text
4. getByPlaceholder() — inputs with placeholder
5. getByTestId()      — when no semantic option exists
6. page.locator()     — CSS/XPath as last resort

What's Included

  • 9 skills with detailed step-by-step instructions
  • 3 specialized agents: test-architect, test-debugger, migration-planner
  • 55 test templates: auth, CRUD, checkout, search, forms, dashboard, settings, onboarding, notifications, API, accessibility
  • 2 MCP servers (TypeScript): TestRail and BrowserStack integrations
  • Smart hooks: auto-validate test quality, auto-detect Playwright projects
  • 6 reference docs: golden rules, locators, assertions, fixtures, pitfalls, flaky tests
  • Migration guides: Cypress and Selenium mapping tables

Integration Setup

TestRail (Optional)

export TESTRAIL_URL="https://your-instance.testrail.io"
export TESTRAIL_USER="your@email.com"
export TESTRAIL_API_KEY="your-api-key"

BrowserStack (Optional)

export BROWSERSTACK_USERNAME="your-username"
export BROWSERSTACK_ACCESS_KEY="your-access-key"

Quick Reference

See reference/ directory for:

  • golden-rules.md — The 10 non-negotiable rules
  • locators.md — Complete locator priority with cheat sheet
  • assertions.md — Web-first assertions reference
  • fixtures.md — Custom fixtures and storageState patterns
  • common-pitfalls.md — Top 10 mistakes and fixes
  • flaky-tests.md — Diagnosis commands and quick fixes

See templates/README.md for the full template index.

Files

1 total
Select a file
Select a file to preview.

Comments

Loading comments…