Playwright.Tmp
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: playwright-tmp
Version: 1.0.0
The skill bundle provides a comprehensive and safe set of instructions for browser automation using Playwright and Playwright MCP. It includes detailed documentation for testing, debugging, and scraping, while explicitly enforcing security best practices such as requiring user confirmation for high-stakes production flows and avoiding session persistence by default. No indicators of malicious intent, data exfiltration, or unauthorized execution were found across the files (SKILL.md, ci-cd.md, etc.).
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent using this skill could interact with logged-in websites or upload local files as part of a user-requested browser workflow.
The skill intentionally exposes broad browser actions, including clicking, typing, evaluating page JavaScript, and choosing files for upload. This is expected for Playwright automation, but it can submit forms, extract page data, or upload files if used on real sites.
Typical Playwright MCP tool actions include: ... `browser_click` ... `browser_type` ... `browser_evaluate` ... `browser_choose_file`
Use it on clearly scoped sites and require explicit user confirmation before submitting forms, making purchases, changing account settings, uploading files, or performing other irreversible actions.
Running the command may download and execute package code from the npm ecosystem on the user's machine.
The documented quick start runs an npm package through npx without a pinned version. This is a normal Playwright MCP setup path, but it means the user must trust whichever package is resolved at run time.
```bash
npx @playwright/mcp --headless
```
Verify the package name and publisher, prefer pinned versions in controlled environments, and run setup commands only in an appropriate project or sandboxed development environment.
If reused carelessly, a saved auth file could let browser tests or automation act as an existing user account.
The testing guidance includes optional saved browser authentication state. The surrounding text appropriately limits reuse, but stored sessions can carry account privileges.
Persist auth only when the suite already standardizes that pattern and the stored state is safe to reuse.
```js
const authFile = 'playwright/.auth/user.json';
```
Use dedicated test accounts, avoid privileged or personal sessions, keep auth files out of source control, and reuse saved sessions only when the project intentionally standardizes that pattern.
Failure artifacts could expose private UI data, test credentials shown on screen, or downloaded content to anyone with CI artifact access.
The CI guidance stores Playwright reports, traces, screenshots, and videos as artifacts. This is standard for debugging, but those artifacts may preserve sensitive rendered page content.
```
path: playwright-report/
retention-days: 7
...
trace: 'on-first-retry',
screenshot: 'only-on-failure',
video: 'on-first-retry'
```
Restrict CI artifact access, avoid real secrets in browser tests, redact sensitive data where possible, and keep retention periods short.
