e2e-audit
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using the
pnpmpackage manager to scaffold new testing infrastructure and run automated test suites. - [CREDENTIALS_UNSAFE]: The skill's instructions require the agent to analyze authentication storage mechanisms and manage test user credentials (e.g.,
seed-users.ts,JIRA_PAT). While high-privilege, this behavior is documented as necessary for the skill's primary function of auditing protected application routes. - [PROMPT_INJECTION]: The skill processes potentially untrusted data from external PRD files, creating a vulnerability to indirect prompt injection.
- Ingestion points: The agent is instructed to read markdown files from the
context-library/prds/directory to define the audit scope and test logic. - Boundary markers: The skill does not provide specific delimiters or instructions to the agent to disregard natural language commands that might be embedded within the PRD content.
- Capability inventory: The skill possesses the ability to modify the local filesystem by creating the
apps/e2e/package and to execute arbitrary shell commands via Playwright and pnpm. - Sanitization: There are no verification or filtering steps defined to sanitize the PRD content before it is used to generate executable test scripts or environment configurations.
Audit Metadata