create-e2e-test
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides a structured template for Vitest-based end-to-end tests. The template code focuses on standard database mocking, API interaction, and assertion patterns common in Node.js development.\n- [COMMAND_EXECUTION]: The documentation references standard shell commands (
pnpm test) for executing the generated test suites. These are consistent with the skill's purpose as a developer tool.\n- [PROMPT_INJECTION]: The skill incorporates a surface for indirect prompt injection by using the$ARGUMENTSplaceholder to define a file creation path without specifying validation requirements.\n - Ingestion points: The
<module-name>provided via$ARGUMENTSin SKILL.md.\n - Boundary markers: Absent; the argument is directly interpolated into the file path string.\n
- Capability inventory: The skill instructs the agent to create a new file based on the provided path and template.\n
- Sanitization: There are no instructions or patterns provided to sanitize the input against path traversal sequences (e.g.,
../).
Audit Metadata