expect-test

Fail

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: HIGH
CREDENTIALS_UNSAFE, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: A hardcoded API key (006dfde8d5037a1e366db2bb24e915d3) for the imgbb.com service was found in the documentation providing implementation examples for uploading evidence.
  • [DATA_EXFILTRATION]: The skill provides logic to capture screenshots of the local development browser and upload them to a third-party service (api.imgbb.com). This presents a high risk of exfiltrating sensitive information, such as PII or internal credentials, that might be visible in the user's UI during the testing process.
  • [EXTERNAL_DOWNLOADS]: The skill's setup instructions include a command to install the expect-cli package globally via the NPM registry (npm install -g expect-cli@latest).
  • [COMMAND_EXECUTION]: The skill executes multiple powerful shell commands to facilitate its testing workflow, including tmux for session management, ffmpeg for processing video recordings, curl for network data transfer, and gh (GitHub CLI) for interacting with repository releases and comments.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it consumes untrusted data from git diff outputs and live browser DOM content to generate and execute test plans. This could allow an attacker to embed instructions in source code or web pages to manipulate the agent's actions during the test cycle.
      • Ingestion points: Reads git diff output and processes active browser content via Playwright.
      • Boundary markers: Absent from the provided implementation and instructions.
      • Capability inventory: Execution of system commands (npm, tmux, ffmpeg, curl, gh) and browser automation capabilities.
      • Sanitization: No validation or sanitization of the external content is implemented.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: May 5, 2026, 09:05 AM