e2e
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. It ingests untrusted data from multiple ingestion points, including `package.json`, `playwright.config.ts`, `vitest.config.ts`, and various `*.spec.md` files. There are no explicit boundary markers or sanitization processes mentioned to prevent instructions embedded in these external files from overriding the agent's logic. This risk is compounded by the skill's capability inventory, which includes reading and writing to the filesystem and executing shell commands via `yarn`.
- [COMMAND_EXECUTION]: The skill is designed to perform command execution through the `yarn` package manager to run test suites (e.g., `yarn playwright test`). Although these commands are part of the primary intended functionality for E2E testing, they provide a mechanism for executing code that may be influenced by untrusted project configurations or scripts found during the discovery phase.
Audit Metadata