testrail
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection surface. The skill fetches test case metadata (titles, steps, results) from TestRail to generate Playwright test files.
  - Ingestion points: Data enters the agent context via the `testrail_get_cases` MCP tool.
  - Boundary markers: No explicit delimiters or boundary instructions are used to distinguish imported data from the code templates.
  - Capability inventory: The skill is capable of file system writes and shell command execution (`npx playwright`).
  - Sanitization: The skill does not describe any sanitization or escaping mechanisms for data before it is interpolated into the generated code.
- [COMMAND_EXECUTION]: Dynamic script generation and execution. The skill writes JavaScript/TypeScript test files at runtime and executes them using the `npx` command-line tool, which is a standard but sensitive operation dependent on the integrity of the generated source.
Audit Metadata