web-testing-cypress-e2e

Fail

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: HIGH (CREDENTIALS_UNSAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [CREDENTIALS_UNSAFE]: The examples/ci-cd.md file contains a hardcoded PostgreSQL connection string with embedded credentials (postgres://postgres:postgres@db:5432/test) within a Docker Compose configuration example.
  • [COMMAND_EXECUTION]: The examples/custom-commands.md file demonstrates the implementation of Cypress tasks in cypress.config.ts that execute arbitrary SQL queries (db:query) and perform database seeding/resets via HTTP requests to a local API. This provides a mechanism for interacting with the host environment or backend infrastructure.
  • [COMMAND_EXECUTION]: The skill references the use of cy.exec() and cy.task(), which are powerful commands capable of executing shell scripts or Node.js code on the runner's machine.
  • [EXTERNAL_DOWNLOADS]: The examples/ci-cd.md and examples/accessibility.md files include instructions to download and use external dependencies such as axe-core, cypress-axe, and official Cypress Docker images (cypress/browsers).
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 7, 2026, 01:32 AM