Skills playwright-skill
🎭

playwright-skill

Low Risk ⚙️ External commands📁 Filesystem access🌐 Network access

Automate browser testing with Playwright

Playwright skill automates web testing with visible browser execution. It detects local dev servers, writes test scripts to temporary storage, and handles form filling, screenshots, and responsive design validation without cluttering your project.

Supports: Claude Codex Code(CC)
⚠️ 68 Poor
1

Download the skill ZIP

2

Upload in Claude

Go to Settings → Capabilities → Skills → Upload skill

3

Toggle on and start using

Test it

Using "playwright-skill". Take a screenshot of http://localhost:3000

Expected outcome:

Playwright skill detects server on port 3000, writes test script to /tmp/playwright-test-screenshot.js, launches visible Chromium browser, navigates to page, captures full-page screenshot to /tmp/screenshot.png, and reports completion with file path.

Using "playwright-skill". Test responsive design at 1920x1080, 768x1024, and 375x667

Expected outcome:

Skill creates test script with three viewport configurations, takes screenshots at each size named desktop.png, tablet.png, mobile.png in /tmp, and summarizes results with file paths and any observed layout shifts.

Using "playwright-skill". Test login with username admin and password test123

Expected outcome:

Script fills login form fields, clicks submit button, waits for navigation, verifies current URL contains dashboard, reports login success or failure with screenshot evidence saved to /tmp.

Security Audit

Low Risk
v1 • 1/22/2026

This is a legitimate Playwright browser automation skill with 293 static findings that are nearly all false positives. The scanner flagged documentation examples in markdown files as code. Actual code review confirms legitimate patterns: npm install for setup, file operations in /tmp, and localhost dev server detection. No credential exfiltration, malicious network calls, or security vulnerabilities detected.

5
Files scanned
1,806
Lines analyzed
8
findings
1
Total audits
Low Risk Issues (5)
SKILL.md:1-454API_REFERENCE.md:1-654
Static scanner flagged documentation as executable code
Of 293 static findings, 230+ are from SKILL.md and API_REFERENCE.md. These are bash code examples in markdown showing users how to run the skill. The scanner incorrectly treated documentation as executable code.
run.js:38-39
Playwright setup via npm install
run.js executes npm install and npx playwright install chromium to set up Playwright dependencies. This is standard setup behavior for a browser automation tool and only runs if Playwright is not already installed.
lib/helpers.js:390-412
Localhost dev server detection
helpers.js makes HEAD requests to common ports (3000, 3001, 8080, etc.) on localhost to detect running development servers. This is a convenience feature with 500ms timeout. No external network access.
lib/helpers.js:15-46
Environment variable access for configuration
The skill reads HEADLESS, SLOW_MO, PW_HEADER_NAME, PW_HEADER_VALUE for runtime configuration. These control browser visibility and HTTP headers for testing. No sensitive data accessed.
run.js:201-205
Temporary file creation in /tmp
run.js creates temporary execution files in /tmp with pattern .temp-execution-*.js. These are cleaned up on next run. This is safer than writing to the project directory.

Risk Factors

⚙️ External commands (1)
run.js:38-39
📁 Filesystem access (2)
run.js:56-60 run.js:201-205
🌐 Network access (1)
lib/helpers.js:390-412
Audited by: claude

Quality Score

38
Architecture
100
Maintainability
87
Content
33
Community
80
Security
91
Spec Compliance

What You Can Build

Automated regression testing

QA engineers automate repetitive test cases by asking the skill to write and execute Playwright scripts. The skill detects dev servers, runs tests with visible browser, and captures screenshots of failures.

Responsive design validation

Frontend developers verify layouts across breakpoints by requesting multi-viewport screenshots. The skill tests desktop, tablet, and mobile sizes, reporting layout shifts and visual bugs.

End-to-end workflow testing

Full-stack developers test complete user journeys from login to checkout. The skill fills forms, navigates pages, waits for async operations, and validates success states.

Try These Prompts

Quick screenshot 
Take a screenshot of http://localhost:3000
Test login flow 
Test login at http://localhost:3001/login with username admin and password test123. Verify redirect to dashboard.
Responsive design test 
Test http://localhost:3000/products at desktop 1920x1080, tablet 768x1024, and mobile 375x667. Save screenshots and report layout issues.
Full page automation 
Go to http://localhost:3000, click the signup button, fill email field with test@example.com, fill password with secure123, submit form, wait for success message, take screenshot.

Best Practices

  • Always use detectDevServers helper when testing localhost to find the correct port automatically
  • Write test scripts to /tmp directory to avoid cluttering your project with temporary automation files
  • Use visible browser mode for debugging by setting headless false, then switch to headless true for CI pipelines

Avoid

  • Do not hardcode production URLs or real user credentials in test scripts shared publicly
  • Avoid testing external websites without permission or rate limit awareness
  • Do not write test files to project directories when /tmp is available and safer

Frequently Asked Questions

What is playwright-skill?
A browser automation skill for Claude Code that uses Playwright to test websites. It writes test scripts to temporary storage and executes them with visible browser feedback for debugging.
How do I install Playwright?
Navigate to the skill directory and run npm run setup. This installs Playwright and Chromium browser. Installation is only needed once per system.
Can I test production websites?
Yes, but use caution. The skill is designed for localhost development servers. For production testing, ensure you have authorization and respect rate limits.
Where are test scripts saved?
All test scripts are written to /tmp/playwright-test-*.js as temporary files. Your operating system automatically cleans these files periodically.
How do I enable headless mode?
Set the HEADLESS environment variable to true, or specify headless true in the browser launch options. Default is visible mode for easier debugging.
Can I add custom HTTP headers?
Yes. Set PW_HEADER_NAME and PW_HEADER_VALUE environment variables for a single header, or PW_EXTRA_HEADERS as JSON object for multiple headers.

Developer Details

Author

lackeyjb

License

MIT

Repository

https://github.com/lackeyjb/playwright-skill/tree/main/skills/playwright-skill/

Ref

main

File structure

📁 lib/

📄 helpers.js

📄 API_REFERENCE.md

📄 package.json

📄 run.js

📄 SKILL.md