create-app-e2e-test

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection. It ingests data from the application's UI via the snapshot command to discover elements.
  • Ingestion points: UI text and structure are retrieved via pnpm test-driver snapshot as described in SKILL.md.
  • Boundary markers: The instructions do not define boundary markers or 'ignore' instructions for the data returned from snapshots.
  • Capability inventory: The skill can execute shell commands (pnpm), write new test files to the tests/app-e2e/ directory, and modify application source code to add data-testid attributes.
  • Sanitization: No sanitization or validation of the UI content is specified before the agent uses it to generate test code.
  • [COMMAND_EXECUTION]: The skill uses the local shell to interact with the application and run tests. It explicitly instructs the agent to run pnpm test-driver and pnpm test:app-e2e for exploration and verification.
  • [DYNAMIC_EXECUTION]: The agent dynamically generates Vitest test scripts at tests/app-e2e/<name>.test.ts and then executes them using the local test runner. This is the primary function of the skill.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 01:21 PM
Security Audit — agent-trust-hub — create-app-e2e-test