harness-tester

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes various system commands to run test suites across multiple languages and frameworks, including npm test, pytest, go test, cargo test, and dotnet test. It also utilizes docker-compose to manage test environments. These operations are directly aligned with the skill's primary purpose of feature verification and testing.
  • [INDIRECT_PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection as it processes untrusted data from test outputs and project configuration files.
      • Ingestion points: The skill reads project-level configuration from .harness/config.json and parses runtime test logs/outputs to determine pass/fail status.
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands within the processed data are defined.
      • Capability inventory: The agent has the capability to execute shell commands, perform browser automation via Playwright MCP, and modify project documentation and tasks via manage_task and manage_document tools.
      • Sanitization: There is no evidence of sanitization or filtering of the content extracted from test failures before it is interpolated into task updates or session notes.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 11:08 AM