testing
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements security best practices by providing mechanisms to isolate the test environment from sensitive user configuration files like
~/.mobifyanddw.json. It correctly advises using/dev/nullas a dummy path to prevent unintended credential access. - [SAFE]: All external dependencies and referenced entities (@salesforce, salesforce.com) are well-known technology organizations. This ensures a secure supply chain and minimizes risk from untrusted third-party services.
- [SAFE]: Command execution is limited to standard Node.js test runners (Mocha, pnpm) and the project's own CLI binary (
bin/run.js), which is appropriate for a local testing environment. - [SAFE]: The hardcoded token value ('test-token') in the MockAuthStrategy class is explicitly for mocking API responses and does not represent a leak of actual production credentials.
Audit Metadata