typo3-testing
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]:\n
- The skill is configured to orchestrate development environments by downloading official TYPO3 testing Docker images from GitHub Container Registry (ghcr.io/typo3/core-testing-php*).\n
- It utilizes Microsoft's official Playwright Docker image (mcr.microsoft.com/playwright) for end-to-end testing workflows.\n
- The setup instructions involve fetching standard development dependencies from official registries via Composer (Packagist) and NPM.\n- [COMMAND_EXECUTION]:\n
- Includes a specialized test runner script (runTests.sh) that automates Docker container orchestration, including network management and service synchronization (waiting for database ports).\n
- Provides utility scripts (setup-testing.sh, generate-test.sh) that facilitate extension infrastructure setup and boilerplate code generation within the developer's local environment.\n- [SAFE]:\n
- This skill functions as a template collection for standard developer tasks and does not exhibit malicious behavior or unauthorized data access.\n
- Hardcoded salts and password hashes found in database fixtures (be_users.csv) and CI configuration files (github-actions-e2e.yml) are clearly labeled as test-only credentials for sandboxed testing environments.\n
- All network operations are directed towards well-known, trusted infrastructure providers and official software repositories.
Audit Metadata