Skills
skills/web-infra-dev/midscene-skills/vitest-midscene-e2e/Gen Agent Trust Hub

vitest-midscene-e2e

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads a project boilerplate from the vendor's repository at https://github.com/web-infra-dev/midscene-example.git. This is used to scaffold the testing environment and is a standard vendor-provided resource.
  • [COMMAND_EXECUTION]: Executes a local shell script (scripts/clone-boilerplate.sh) which uses git to manage the local copy of the boilerplate repository.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection (Category 8) because it processes natural language instructions to interact with third-party UIs via the aiAct API.
  • Ingestion points: User-provided task prompts and content extracted from the UI of the applications being tested (Web, Android, and iOS).
  • Boundary markers: No specific delimiters or instructions are used to distinguish between the user's intended commands and content parsed from the target application's interface.
  • Capability inventory: Extensive UI interaction capabilities including tapping, typing, and state assertion via Playwright, ADB, and WebDriverAgent.
  • Sanitization: There is no evidence of sanitization or filtering of UI content before it is processed by the AI agent to determine the next action.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 19, 2026, 04:15 PM