writing-e2e-tests
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes several shell commands to manage the local development and testing environment.
- Docker commands are used to rebuild the frontend after adding test IDs:
docker compose build,docker stop,docker rm, anddocker compose up. - Playwright tests are executed using the standard
npx playwright testcommand within thetests_end_to_end/e2e/directory. - [DATA_EXFILTRATION]: The skill accesses and modifies the local configuration file
~/.opik.config. - It reads the file to verify the
url_overrideand provides instructions to overwrite it with a local URL (http://localhost:5173/api) to prevent accidental data creation in cloud environments. - This interaction is documented as a safety check and includes a recommendation to back up the original configuration (
cp ~/.opik.config ~/.opik.config.bak). - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the analysis of external code and project data.
- Ingestion points: The skill analyzes frontend source code in
apps/opik-frontend/and branch or pull request diffs provided by the user (Step 1 and Step 2 inSKILL.md). - Boundary markers: There are no explicit delimiters or boundary instructions defined to prevent the agent from obeying instructions that might be embedded in the code or diffs.
- Capability inventory: The skill possesses the capability to execute shell commands (Docker, Playwright) and write to the local filesystem (
~/.opik.config). - Sanitization: No sanitization or validation of the content from source code or diffs is performed before it is processed by the agent.
Audit Metadata