migrate
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes 'npx playwright test' to verify the functionality of converted tests, which is an intended part of the migration process.
- [PROMPT_INJECTION]: The skill ingests and processes external test files, creating an indirect prompt injection surface.
- Ingestion points: Test files in the cypress/ directory, Python test files, and package.json dependencies.
- Boundary markers: The instructions do not define specific delimiters or 'ignore' instructions for the content of processed files.
- Capability inventory: The agent can read project files, execute CLI commands, and perform file deletions upon user confirmation.
- Sanitization: There is no explicit sanitization of the input code before it is converted or executed for verification.
Audit Metadata