orchardcore-tester
Warn
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: Hardcoded credentials for the admin account are present across several files, including SKILL.md, references/admin-navigation.md, and references/setup-wizard.md. Specifically, the password 'Password1!' and email 'admin@test.com' are provided as defaults for automation.
- [COMMAND_EXECUTION]: The skill uses PowerShell and Bash commands to manage the application lifecycle, including 'dotnet build', 'dotnet run', and 'Stop-Process'. It also uses 'Remove-Item -Recurse -Force' to delete the 'App_Data' directory during site resets.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it ingests external data. Ingestion points: It reads application logs from 'src/OrchardCore.Cms.Web/App_Data/logs/' using 'Get-Content' and captures web page state via 'playwright-cli snapshot'. Boundary markers: None are used to separate external data from agent instructions. Capability inventory: The skill can execute shell commands ('dotnet'), manage processes ('Stop-Process'), and modify the file system ('Remove-Item'). Sanitization: No filtering or escaping is applied to the log content or web snapshots before the agent processes them.
Audit Metadata