While automation tools are fundamental to modern software development, they also have the innate potential to be used for malicious purposes. This applies to Puppeteer and Playwright, too.
As a consequence, some user flows are made purposely hard to automate to defend against threat actors. Some examples:
- New user signup
- Social login through providers like Google, Facebook etc.
- "Forgot password" and similar reset scenarios