test-automation-expert
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is authorized to use the Bash tool for specific testing commands including
npm test,npx jest,npx vitest,npx playwright, andpytest. These permissions are strictly scoped to the skill's primary function of executing test suites. - [REMOTE_CODE_EXECUTION]: Reference documentation for CI/CD integration includes examples of fetching scripts from Codecov. Codecov is a well-known and trusted service in the developer community, and its use here is consistent with standard industry practices for code coverage reporting.
- [SAFE]: No signs of prompt injection, data exfiltration, or obfuscation were found. The skill uses standard placeholders for secrets in documentation examples, such as
secrets.CHROMATIC_PROJECT_TOKENandsecrets.SLACK_WEBHOOK.
Audit Metadata