frontend-testing
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute several shell commands, including `pnpm test`, `pnpm test:coverage`, and a project-specific utility `pnpm analyze-component <path>`. These commands are utilized to run test suites and perform static analysis on component complexity.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests local source files (components, hooks, and utilities) to generate testing code. If these files contain adversarial content, they could potentially influence the test generation logic or the agent's instructions.
  - Ingestion points: Reads local frontend source files (.tsx, .ts) within the project directory.
  - Boundary markers: None identified; the skill processes the file content directly for analysis.
  - Capability inventory: The agent can write new test files to the disk and execute them using the `pnpm` test runner.
  - Sanitization: There are no explicit sanitization or filtering steps mentioned for the code being analyzed before it is used to generate tests.