e2e-reviewer
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface (Category 8). It is designed to ingest and process untrusted external data in the form of E2E test specs and Page Object Model files, which could contain malicious instructions embedded in comments or strings.
- Ingestion points: The agent reads content from test files (e.g., *.spec.ts, *.test.js, *.cy.ts) and Page Object Model files (e.g., *.ts, *.js) via grep or file reading tools.
- Boundary markers: The instructions do not define specific delimiters or include warnings for the agent to ignore instructions found within the analyzed files.
- Capability inventory: The skill utilizes grep tools and LLM analysis. While the skill doesn't explicitly request shell execution tools, the environment typically grants the agent capabilities such as filesystem access or command execution, which an injection could target.
- Sanitization: No sanitization, escaping, or validation steps are described for the content of the files being reviewed.
Audit Metadata