It would have needed to be done through Chromium in non-headless (likely full Xvfb) mode, with step screenshots, and screenshot comparison (always flaky!), for the Safe Browsing interstitial to have generated an alert.

FWIW, the Safe Browsing interstitials are managed by a slightly disorientating bunch of browser/renderer interactions mostly initiated by C++ that basically delivers chrome://interstitials/safebrowsing?type=malware instead of the page in question, IIRC with the renderer setup so you can't right-click and view source etc.

From a pure perspective, yes, you should be able to use headless mode and run some sort of validation on the HTML. That would make things really straightforward.

In practice... the easiest explanation is that I just spent about 35 minutes trying to find a live test/example safe-browsing trigger so I could check whether right-click is disabled, and I couldn't find one. Even after firing up a separate Chrome profile and verifying Safe Browsing was enabled at chrome://safe-browsing/, modifying /etc/hosts to point http://malware.testing.google.test/testing/malware/* anywhere did not work, none of the links https://testsafebrowsing.appspot.com/ generate any scary red warnings (and now my Downloads folder is full of EXEs), and I'm kinda sitting dazedly scratching my head a bit. Maybe all this requires some magic sauce I'm not aware of, or maybe it's just quietly bitrotted (doesn't seem to be the case?)... but the overwhelming lack of determinism is what makes trying to automate this next to impossible.

You just have to shove the website into a browser and screenshot the output. Because the chain between "load URL" and "user sees red" is that rickety, that there's no clean way to test it. D: