Skills
skills/minitap-ai/agent-skills/minitest-cli/Gen Agent Trust Hub

minitest-cli

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFEREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill instructs the agent to install the Minitest CLI by executing a shell script fetched from the vendor's GitHub repository.
  • Evidence: curl -fsSL https://raw.githubusercontent.com/minitap-ai/minitest-cli/main/install.sh | bash in README.md and SKILL.md.
  • [EXTERNAL_DOWNLOADS]: The skill fetches the installation script from a remote GitHub repository and interacts with the Minitest API to manage testing flows and resources.
  • [COMMAND_EXECUTION]: The skill uses the minitest CLI tool to perform several operations, including app management, user story creation, and triggering test runs on virtual devices.
  • [DATA_EXFILTRATION]: The skill uploads mobile application builds (.apk and .ipa files) and application documentation to the Minitest platform as a core part of the automated testing workflow.
  • [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection as it processes user-provided content and application metadata to generate test criteria. However, it mitigates this risk by requiring the agent to wait for explicit user approval before applying any changes to the testing environment.
Audit Metadata
Risk Level
SAFE
Analyzed
May 6, 2026, 09:04 AM