e2e-testing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill's architecture is susceptible to Indirect Prompt Injection because it uses an LLM to evaluate untrusted web content.
- Ingestion points: Web page accessibility snapshots and screenshots are ingested for evaluation in
references/flexibility-criteria-guide.md. - Boundary markers: Absent; the schema in
references/test-regime-schema.mddoes not define delimiters to separate page content from instructions. - Capability inventory: The skill can perform automated browser actions including
click,type, andnavigateas specified in the schema. - Sanitization: None; the documentation does not describe any methods for filtering or sanitizing the content of the pages being tested.
- [Credentials] (SAFE): The
test-regime-schema.mdcorrectly recommends using environment variables for credentials rather than hardcoding sensitive data. - [No Code] (SAFE): No executable code or scripts were provided in the analyzed skill files.
Audit Metadata