cypress
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Metadata & Documentation] (SAFE): The skill serves as a knowledge base and instruction set for the Cypress framework. It does not include any scripts or code that execute on the host system independently of the agent's intent. All provided code blocks are boilerplate examples for testing purposes.\n- [Indirect Prompt Injection Surface] (LOW): The skill references commands like
cy.exec(),cy.task(), andcy.visit(). This creates an attack surface where untrusted data (e.g., from a website being tested) could attempt to influence the agent. Evidence Chain: (1) Ingestion: Web content and test files; (2) Boundary markers: Absent in provided templates; (3) Capabilities: Subprocess execution, filesystem access, and network requests; (4) Sanitization: Not explicitly provided in the templates. This is an inherent risk of browser automation tools and is not a malicious feature of the skill.\n- [Command Execution Documentation] (SAFE): While the skill documents thecy.execcommand, it does so to enable legitimate testing activities. There are no patterns suggesting an attempt to use this for unauthorized privilege escalation or data exfiltration.
Audit Metadata