Security Audit
openai/skills:skills/.curated/playwright-interactive
github.com/openai/skillsTrust Assessment
openai/skills:skills/.curated/playwright-interactive received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 5 findings: 5 critical, 0 high, 0 medium, and 0 low severity. Key findings include Network egress to untrusted endpoints, Insecure Sandbox Disabling Instruction.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Manifest Analysis layer scored lowest at 0/100, indicating areas for improvement.
Last analyzed on July 17, 2026 (commit 49f948fa). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings5
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints HTTP request to raw IP address Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/.curated/playwright-interactive/SKILL.md:137 | |
| CRITICAL | Network egress to untrusted endpoints HTTP request to raw IP address Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/.curated/playwright-interactive/SKILL.md:160 | |
| CRITICAL | Network egress to untrusted endpoints HTTP request to raw IP address Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/.curated/playwright-interactive/SKILL.md:181 | |
| CRITICAL | Network egress to untrusted endpoints HTTP request to raw IP address Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/.curated/playwright-interactive/SKILL.md:684 | |
| CRITICAL | Insecure Sandbox Disabling Instruction The skill instructions explicitly direct the user/LLM to disable sandboxing by starting Codex with `--sandbox danger-full-access` (or setting `sandbox_mode=danger-full-access`). This bypasses critical security boundaries and exposes the host system to arbitrary code execution risks during the execution of the Playwright/JS REPL session. Remove instructions that recommend disabling the sandbox. Instead, configure specific, minimal permissions or wait until secure sandboxed support for `js_repl` and Playwright is fully implemented. | LLM | SKILL.md:18 |
Scan History
Embed Code
[](https://skillshield.io/report/8a56e4febdfb396f)
Powered by SkillShield