e2e-testing
Pass
Audited by Gen Agent Trust Hub on May 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for project initialization using
flutter-skill init, which is designed to patch application source code with a testing bridge and manage application launches viaflutter-skill launch. - [EXTERNAL_DOWNLOADS]: The skill references several platform-specific packages from official registries (including npm, pub.dev, NuGet, Cargo, and Swift Package Manager) all maintained by the vendor to facilitate testing on various environments.
- [DATA_EXFILTRATION]: Tools such as
screenshotandget_logsenable the agent to access the application's user interface and runtime logs. This capability is required for the tool's primary purpose of UI verification and debugging. - [INDIRECT_PROMPT_INJECTION]: The tool ingests UI data which could contain content controlled by external inputs.
- Ingestion points: UI text and element properties are read via
inspect_interactiveandget_texttools inSKILL.md. - Boundary markers: None mentioned.
- Capability inventory: Interactive tools including
tap,enter_text, andpress_keyare available to the agent. - Sanitization: No specific sanitization of the application's UI content is detailed in the skill instructions.
Audit Metadata