Remove dev/playwright_agent directory (security + cleanup)#524
Merged
Conversation
Security issue: Hardcoded RunPod API credentials were committed in plaintext at lines 31-32 of playwright_agent.py (RUNPOD_BASE_URL and RUNPOD_API_KEY). This directory contained experimental code that is not actively being worked on. Removing it addresses the credential exposure and reduces maintenance burden. The exposed API key has been verified as already rotated/invalidated. Reported by: Sahil Siddiki
|
Thanks for addressing this, Kyle! Happy I could help flag it. 🙌 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Removes the
dev/playwright_agentdirectory entirely.Motivation
Security Issue
Hardcoded credentials were committed in plaintext at lines 31-32 of
playwright_agent.py:RUNPOD_BASE_URLRUNPOD_API_KEYThis was reported by Sahil Siddiki via external outreach. The exposed API key has been verified as already rotated/invalidated.
Not Actively Maintained
This directory contained experimental Playwright MCP agent code that is not currently being worked on. Removing it reduces maintenance burden.
Changes
dev/playwright_agent/directory (5 files)playwright_agent.pypyproject.tomluv.lockeval_results.jsonjob_desc_dataset.jsonNotes
pyproject.toml— the playwright_agent had its own isolatedpyproject.toml