Skills
skills/alirezarezvani/claude-skills/report/Gen Agent Trust Hub

report

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Uses shell commands to execute Playwright tests (npx playwright test) and manage report files.
  • [EXTERNAL_DOWNLOADS]: Fetches testing dependencies via npx from the official npm registry, a well-known package service.
  • [DATA_EXFILTRATION]: Forwards test result summaries to external endpoints defined by the user in SLACK_WEBHOOK_URL and TESTRAIL_URL environment variables.
  • [PROMPT_INJECTION]: Processes test outputs that could contain attacker-controlled strings if the test code or environment is compromised.
  • Ingestion points: Test report JSON file (SKILL.md).
  • Boundary markers: None used in Markdown or Slack templates.
  • Capability inventory: npx command execution, curl network requests, and file system operations.
  • Sanitization: Test names and error details are not escaped or sanitized before being included in generated reports.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 05:35 AM