umbraco-skill-test-runner

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM | COMMAND_EXECUTION | CREDENTIALS_UNSAFE
Full Analysis
  • [COMMAND_EXECUTION] (MEDIUM): The skill's primary function is to execute local scripts and commands. Specifically, the documentation states it will automatically run dotnet run from the ./Umbraco-CMS.Skills/ directory. This automated process-spawning capability could be exploited if the targeted project directory contains malicious code.
  • [CREDENTIALS_UNSAFE] (LOW): The skill documentation explicitly requests sensitive environment variables UMBRACO_USER_LOGIN and UMBRACO_USER_PASSWORD. While these are not hardcoded, their usage within a script (run-tests.ts) that is not provided for inspection creates a risk of logging or accidental exposure of credentials.
  • [INDIRECT_PROMPT_INJECTION] (LOW):
      • Ingestion points: The skill processes "skill examples" which are external files provided to the agent.
      • Boundary markers: Absent. The documentation does not specify delimiters or instructions to ignore embedded prompts within the test examples.
      • Capability inventory: The skill uses Bash, Read, and Glob tools and can execute arbitrary shell commands.
      • Sanitization: Absent. There is no evidence that the test runner sanitizes the output of the tests before generating the JSON report, which the agent might later consume.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:01 PM