run-automated-tests
Warn
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill identifies and executes shell commands extracted from repository documentation, CI configurations, and build manifests. An attacker could embed malicious commands in files like
README.mdorMakefilewhich the skill might then propose to the user for execution. - [REMOTE_CODE_EXECUTION]: The skill facilitates the installation of third-party dependencies and the execution of test suites. This process involves running code provided by the target repository, which could lead to arbitrary code execution on the host system.
- [EXTERNAL_DOWNLOADS]: The skill supports network-dependent operations, such as installing packages via
npmorpipand mirroring CI environments, which involves fetching and potentially executing code from external package registries.
Audit Metadata