umbraco-e2e-testing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECREDENTIALS_UNSAFE
Full Analysis
- Credentials Unsafe (LOW): The files umbraco.config.ts and README.md contain a hardcoded default password (1234567890) used as a fallback for the UMBRACO_USER_PASSWORD environment variable. While common in examples, hardcoding credentials in test scripts is a security anti-pattern.
- Data Exposure & Exfiltration (LOW): The playwright.config.ts file disables SSL/TLS certificate validation by setting ignoreHTTPSErrors: true. This allows the testing agent to connect to sites with invalid or self-signed certificates, which could facilitate man-in-the-middle attacks if used outside a controlled local environment.
Audit Metadata