Playwright Browser Automation
Review
Audited by ClawScan on May 1, 2026.
Overview
The skill is a coherent Playwright browser automation guide, but users should be aware it can install browser tooling, automate logged-in sessions, and save local artifacts like screenshots, videos, PDFs, and auth state.
This skill looks purpose-aligned for Playwright automation. Before installing or using it, review the npm/npx and sudo setup commands, avoid placing real passwords or tokens directly in scripts, protect any saved auth.json files, and require confirmation before automation performs account changes, purchases, public posts, uploads, or other sensitive website actions.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the skill's tooling can add global packages, browser binaries, and system dependencies to the user's machine.
The skill instructs users to install Playwright globally, download browser binaries, and optionally run a sudo dependency installer. This is typical for Playwright but still modifies the local system and depends on external npm/npx sources.
npm install -g playwright
npx playwright install chromium
sudo npx playwright install-deps chromium
Install from the official Playwright package source, consider pinning versions where possible, and review any sudo command before running it.
An agent using this skill could perform real website actions such as submitting forms or moving files when the user directs it to do so.
The documented Playwright workflows can click buttons, submit forms, upload files, and save downloads. These are core browser automation capabilities, but they can affect third-party sites or local files if used carelessly.
await page.getByRole('button', { name: 'Sign in' }).click();
...
await page.setInputFiles('input[type="file"]', '/path/to/file.pdf');
...
await download.saveAs('/path/to/save/' + download.suggestedFilename());
Use explicit user confirmation for purchases, account changes, public posts, file uploads, or other irreversible website actions.
If used with real credentials or session cookies, the automation can access and change data as the logged-in user.
The skill documents using browser credentials, cookies, and tokens. This is expected for authenticated browser automation, but it means the automated browser may act with the user's account privileges.
httpCredentials: { username: 'user', password: 'pass' }
...
context.addCookies([{ name: 'session', value: 'abc123', domain: '.example.com', path: '/' }])
...
localStorage.setItem('token', 'xyz')
Prefer test accounts or least-privileged accounts, avoid embedding real secrets in scripts, and confirm sensitive account actions before allowing automation to proceed.
A saved auth state file could let later automation access the same logged-in session, and the file may expose session data if mishandled.
The skill documents persisting and reusing Playwright storage state. Such files can contain cookies or tokens and may be reused across browser automation sessions.
await context.storageState({ path: 'auth.json' });
// Later: await browser.newContext({ storageState: 'auth.json' });
Store auth state files securely, keep them scoped to the intended site/account, delete them when no longer needed, and avoid sharing them.
Users may be confused about whether the intended setup is direct Playwright API use or MCP server configuration.
The example file describes MCP-based usage, while the SKILL.md presents the skill as direct Playwright API automation without MCP complexity. This appears to be a documentation inconsistency rather than malicious behavior.
Example script for using Playwright MCP server with OpenClaw.
Treat examples.py as conceptual only and follow the setup path you actually intend to use; maintainers should align the example file with the SKILL.md description.
