A new AI-driven testing framework addresses a persistent problem in software development: web test suites that break and get abandoned after UI changes or timing updates. Researchers have published findings on arXiv demonstrating a system that autonomously generates, maintains, and executes web application tests while simultaneously performing security validation.

The framework tackles five common failure modes in automated testing: navigation reliability issues, broken element selectors after UI changes, timing-related race conditions, and the inability to learn from past failures. It uses a containerized worker architecture that separates test orchestration from browser execution, allowing long-running tests to operate independently without blocking other operations.

Testing across four production applications and 176 scenarios showed significant improvements over traditional Selenium-based manual test authoring. The system increased script generation success rates from 55% to 93%, reduced navigation failures by a factor of eight, eliminated 80% of race conditions caused by timing issues, and cut test creation time by 75%. The framework generates context-aware selectors that adapt to UI changes and injects intelligent wait conditions to handle asynchronous operations.

The system extends beyond functional testing into security validation by accepting plain English descriptions of attack scenarios. When a tester inputs commands like "try accessing another user's invoice," the framework converts these instructions into browser-based security probes aligned with OWASP Top 10 vulnerabilities. In testing, it detected 85% of authentication bypass vulnerabilities and 95% of input validation flaws while maintaining false positive rates below 12%.

The researchers note that natural-language-driven security testing represents a novel approach in the field. Organizations struggling with abandoned test suites or resource-intensive security validation processes may find value in AI-assisted testing frameworks that reduce manual effort while improving coverage. The containerized architecture and learning capabilities suggest the system can adapt to evolving applications without constant human intervention.

Source: https://arxiv.org/abs/2605.15281