cypress-explain
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection as it is designed to analyze and explain potentially untrusted Cypress test specifications and project configurations.
- Ingestion points: The agent reads relevant spec files, configuration, support files, and helpers from the local environment (SKILL.md, Step 3).
- Boundary markers: The instructions do not explicitly define delimiters or warnings to ignore instructions that may be embedded within the code being analyzed.
- Capability inventory: The skill is restricted to the Read tool as specified in the YAML frontmatter, preventing it from taking unauthorized actions.
- Sanitization: No specific logic for sanitizing or escaping the content of the read files is described prior to generating explanations.
- [SAFE]: The skill references authoritative documentation from official Cypress sources to ground its explanations.
Audit Metadata