cypress-author
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill follows security best practices for credential management by instructing the agent to use
cy.env()for secrets instead of hardcoding them. - [SAFE]: External references are limited to official Cypress documentation and CLI tools.
- [COMMAND_EXECUTION]: The skill specifies running
npx cypress --versionto determine the environment configuration, which is a standard and safe operation for a testing tool. - [SAFE]: Indirect prompt injection surface exists as the skill reads project configuration and existing test files to inform its output. Ingestion points: existing spec files and project config. Boundary markers: absent. Capability inventory: Read and Edit tools. Sanitization: absent. This is consistent with the primary purpose of a code-generation agent.
Audit Metadata