From a0274e58418d227c43a843c06f4235717e77baf6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jo=C3=A3o=20Galego?= <jgalego1990@gmail.com>
Date: Fri, 31 Oct 2025 18:21:51 +0000
Subject: [PATCH] Added Playwright MCP server

---
 npx/playwright-mcp/spec.yaml | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 npx/playwright-mcp/spec.yaml

diff --git a/npx/playwright-mcp/spec.yaml b/npx/playwright-mcp/spec.yaml
new file mode 100644
index 0000000..5e79119
--- /dev/null
+++ b/npx/playwright-mcp/spec.yaml
@@ -0,0 +1,25 @@
+# Playwright MCP Server Configuration
+# Official Playwright MCP server for browser automation and testing
+# Package: https://www.npmjs.com/package/@playwright/mcp
+# Repository: https://github.com/microsoft/playwright-mcp
+# Will build as: ghcr.io/stacklok/dockyard/npx/playwright-mcp:0.0.44
+
+metadata:
+  name: playwright-mcp
+  description: "Official Playwright MCP server for browser automation and testing"
+  protocol: npx
+
+spec:
+  package: "@playwright/mcp"
+  version: "0.0.44"
+
+provenance:
+  repository_uri: "https://github.com/microsoft/playwright-mcp"
+  repository_ref: "refs/heads/main"
+
+security:
+  allowed_issues:
+    - code: "TF001"
+      reason: "Data leak risk acceptable - tool designed for browser automation and web testing workflows where external content interaction is essential. Users should be aware of potential data exposure when automating web interactions."
+    - code: "TF002"
+      reason: "Destructive flow risk acceptable - browser automation tools are core functionality for web testing and automation. Users should only use with trusted prompts and on non-production systems."
\ No newline at end of file