Skip to main content

playwright-best-practices

Offers best practices for writing resilient Playwright tests, including locator strategies and web-first assertions.

Install this skill

or
58/100

Security score

The playwright-best-practices skill was audited on Feb 12, 2026 and we found 18 security issues across 3 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 126

Template literal with variable interpolation in command context

SourceSKILL.md
126this.log = debug(`test:page:${this.constructor.name}`);
medium line 248

Template literal with variable interpolation in command context

SourceSKILL.md
248page.on('console', msg => console.log(`[browser] ${msg.text()}`));
medium line 349

Template literal with variable interpolation in command context

SourceSKILL.md
349await request.delete(`/api/users/${userId}`); // Depends on previous!
medium line 355

Template literal with variable interpolation in command context

SourceSKILL.md
355const deleteResponse = await request.delete(`/api/users/${id}`);
medium line 447

Template literal with variable interpolation in command context

SourceSKILL.md
447await this.page.request.delete(`/api/users/${id}`);
medium line 455

Template literal with variable interpolation in command context

SourceSKILL.md
455email: `test-${Date.now()}@example.com`,
low line 26

Access to .env file

SourceSKILL.md
26reporter: process.env.CI || process.env.CLAUDE
low line 266

Access to .env file

SourceSKILL.md
266await page.getByLabel('Email').fill(process.env.TEST_USER_EMAIL!);
low line 267

Access to .env file

SourceSKILL.md
267await page.getByLabel('Password').fill(process.env.TEST_USER_PASSWORD!);
low line 296

Access to .env file

SourceSKILL.md
296data: { email: process.env.TEST_USER_EMAIL, password: process.env.TEST_USER_PASSWORD },
low line 369

Access to .env file

SourceSKILL.md
369forbidOnly: !!process.env.CI,
low line 370

Access to .env file

SourceSKILL.md
370retries: process.env.CI ? 2 : 0,
low line 371

Access to .env file

SourceSKILL.md
371workers: process.env.CI ? 1 : undefined,
low line 373

Access to .env file

SourceSKILL.md
373reporter: process.env.CI || process.env.CLAUDE
low line 378

Access to .env file

SourceSKILL.md
378baseURL: process.env.BASE_URL ?? 'http://localhost:3000',
low line 406

Access to .env file

SourceSKILL.md
406reuseExistingServer: !process.env.CI,
low line 378

External URL reference

SourceSKILL.md
378baseURL: process.env.BASE_URL ?? 'http://localhost:3000',
low line 405

External URL reference

SourceSKILL.md
405url: 'http://localhost:3000',
Scanned on Feb 12, 2026
View Security Dashboard

Install this skill with one command

/learn @neversight/playwright-best-practices
GitHub Stars 55
Rate this skill
Categorydevelopment
UpdatedMarch 29, 2026
openclawtestingqa-engineerbackend-developerfrontend-developerplaywrightdevelopment
NeverSight/skills_feed