AI-Powered Visual Regression Testing
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script `scripts/analyze_diff.py` executes system commands to retrieve context for visual analysis.
  - Evidence: Uses `subprocess.run` to call `git log` for retrieving commit history over the last 7 days.
- [EXTERNAL_DOWNLOADS]: The skill requires and recommends the installation of several well-known third-party libraries and frameworks.
  - Evidence: Recommends installing `@storybook/test-runner` and `playwright` via npm, and `Pillow` and `numpy` via pip for image processing.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it incorporates untrusted data from git logs and pull request descriptions into its AI analysis pipeline.
  - Ingestion points: `scripts/analyze_diff.py` ingests git commit messages; `SKILL.md` describes ingesting PR descriptions for Claude-based analysis.
  - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the analysis logic.
  - Capability inventory: The analysis determines whether visual changes are approved or rejected, potentially allowing an attacker to bypass regression checks via malicious commit comments.
  - Sanitization: No sanitization or filtering of commit messages or PR descriptions is performed before they are processed by the AI.
Audit Metadata