custom-test-process
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION]: The skill executes arbitrary shell commands to start backend and frontend servers in the background using the '&' operator.
- [PROMPT_INJECTION]: Instructions explicitly direct the agent to unset the 'CLAUDECODE' environment variable to bypass a safety check within the Claude Agent SDK that prevents nested execution.
- [EXTERNAL_DOWNLOADS]: Utilizes 'uv' and 'npm', which may fetch external packages or dependencies from public registries during the execution of 'uv run' and 'npm run'.
- [COMMAND_EXECUTION]: Shell commands interpolate environment variables ('BACKEND_PORT', 'VITE_PORT') directly, creating a surface for indirect command injection if these inputs are untrusted.
  - Ingestion points: Environment variables provided by 'custom-environment-setup'.
  - Boundary markers: None present in the command strings.
  - Capability inventory: Subprocess execution via Bash ('uv run', 'npm run', 'curl').
  - Sanitization: No visible sanitization or validation of the port variables before execution.