deco-e2e-testing

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The run-e2e.ts script uses Deno.Command to spawn and manage local processes, including the site's development server (deno task dev) and the test runner (npm test). The script is executed with Deno's -A flag, granting full system permissions.
  • [INDIRECT_PROMPT_INJECTION]: The MetricsCollector utility in metrics-collector.ts extracts and logs metadata from the target website via response headers (x-deco-section) and URL parameters (props, resolveChain). This data is displayed to the agent or user, representing an injection surface.
      • Ingestion points: extractSectionName and extractNameFromProps functions in templates/utils/metrics-collector.ts.
      • Boundary markers: None present.
      • Capability inventory: Subprocess management in run-e2e.ts and local file writes in baseline.ts.
      • Sanitization: Content is decoded and parsed but not sanitized before being logged or stored in reports.
  • [REMOTE_CODE_EXECUTION]: The scaffold.sh shell script performs dynamic code generation by modifying local templates with site-specific values via sed. Additionally, the skill's workflow involves installing external dependencies from the NPM registry.
  • [DATA_EXPOSURE]: In run-e2e.ts, the script passes the entire local environment context (Deno.env.toObject()) to the spawned test process, which may lead to the unintended exposure of sensitive environment variables to the test logs or environment.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 11, 2026, 11:22 PM