Skills
skills/agentmantis/testskills/promote-acceptance-test/Gen Agent Trust Hub

promote-acceptance-test

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [SAFE]: No malicious patterns or security violations were detected in the skill's instructions or workflow.
  • [COMMAND_EXECUTION]: The skill uses npx playwright test to verify that tests function correctly in their new location. This command is standard for the Playwright framework and is necessary for the skill's stated purpose of promoting verified tests.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it processes and executes existing test files.
  • Ingestion points: Reads test files from e2e/tests/acceptance/ and e2e/tests/regression/ (SKILL.md).
  • Boundary markers: Absent. There are no instructions for the agent to use delimiters or specific ignore patterns when reading the content of the test files.
  • Capability inventory: Performs file system modifications (move, delete) and shell command execution (npx).
  • Sanitization: Absent. The skill does not validate the content of the test files for malicious code before execution.
  • [DATA_EXFILTRATION]: The skill examples reference an authentication state file (e2e/.auth/user.json). This is a standard practice in automated end-to-end testing for managing session state and does not constitute a data exfiltration risk in this context.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 09:27 AM