Skills
skills/lgariv-dn/frontend-skills/e2e-ci-debug/Gen Agent Trust Hub

e2e-ci-debug

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [External Downloads] (SAFE): The scripts/download-artifacts.sh script downloads workflow artifacts from GitHub using the gh CLI. As GitHub is a trusted external source and the downloads are restricted to the current repository's context, this finding is downgraded to SAFE per [TRUST-SCOPE-RULE].
  • [Command Execution] (SAFE): The shell scripts utilize standard system utilities (gh, jq, unzip, rm) for managing test results. No patterns of arbitrary command execution or obfuscated shell commands were detected.
  • [Indirect Prompt Injection] (LOW): The skill's primary function is to ingest and display test failure data for AI analysis. This presents an attack surface where a malicious actor could craft specific test failure strings in a PR to attempt to influence the AI agent's instructions.
  • Ingestion points: scripts/parse-junit.py (referenced) and data extracted by download-artifacts.sh.
  • Boundary markers: None identified in the provided scripts to delimit untrusted test output.
  • Capability inventory: The skill facilitates local execution of nx and playwright commands based on the parsed results.
  • Sanitization: No sanitization or escaping of the JUnit XML content is performed in the shell wrappers.
  • [Missing File] (INFO): The source code for scripts/parse-junit.py was not provided in the analyzed set, although its behavior is documented as using only the Python standard library.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:15 PM