creating-test-structure
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill ingests untrusted data from markdown test plans and local project files. The risk of prompt injection is minimal because the instructions strictly limit the agent to producing organizational blocks (describe/it) and non-executable comments. 1. Ingestion points: Markdown test plans, .webdriverio-skills/ context files, and website analysis references. 2. Boundary markers: Not explicitly defined. 3. Capability inventory: Reading local config files and writing JS/TS spec files. 4. Sanitization: The 'When Not to Use' and 'Common Mistakes' sections explicitly forbid the generation of actual WebdriverIO commands or executable code.
- Data Exposure & Exfiltration (SAFE): The skill reads local project context and analysis files to align naming conventions but contains no network capabilities (no curl, fetch, or requests) to exfiltrate this information.
- Command Execution (SAFE): The skill is designed for scaffolding and does not invoke subprocesses or execute the generated code.
Audit Metadata