testing-e2e
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill files contain no logic for data exfiltration, obfuscation, or unauthorized access. The scripts and instructions are consistent with the skill's stated purpose of facilitating E2E testing.
- [PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection as it processes and summarizes output from external testing frameworks which could include untrusted content from the application under test.
- Ingestion points: Console output and log data from commands like
npm run test:e2eorpytest. - Boundary markers: No specific boundary markers or instructions to ignore embedded commands were found in the skill's documentation.
- Capability inventory: The skill allows for local shell command execution to initiate test suites.
- Sanitization: No evidence of sanitization or validation of the test output before it is processed by the agent was found.
Audit Metadata