tauri-mcp-test-runner
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION] (SAFE): The skill uses tools for screenshots (tauri_webview_screenshot) and log reading (tauri_read_logs). These are legitimate actions for a UI testing agent and are used within the context of validating application behavior. No network exfiltration patterns were found.
- [PROMPT_INJECTION] (LOW): The skill possesses an indirect prompt injection surface as it ingests content from the application being tested (e.g., via cursor_get_context). While a test document containing malicious instructions could theoretically influence the agent, this is a standard risk for document-processing skills and no malicious bypasses are present in the skill itself.
- [COMMAND_EXECUTION] (SAFE): Keystrokes and UI interactions are simulated specifically within the target application's webview. There is no evidence of shell access, system-level command execution, or unauthorized privilege escalation.
Audit Metadata