daytona-electron-test
Pass
Audited by Gen Agent Trust Hub on May 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes daytona exec to perform shell commands for environment setup, service management, and executing development scripts like .devcontainer/test-on-daytona.sh.
- [EXTERNAL_DOWNLOADS]: Remote operations are performed to retrieve source code and install dependencies using git fetch, pnpm install, and apt-get update/install.
- [PROMPT_INJECTION]:
- Ingestion points: Branch and commit references are used as arguments for setup scripts, and user-provided prompts are used for application testing.
- Boundary markers: No delimiters or boundary markers are used when interpolating input variables into shell commands or browser automation scripts.
- Capability inventory: The skill has the ability to execute arbitrary shell commands via daytona exec and JavaScript via browser_eval in the context of the Electron application.
- Sanitization: Input parameters are not validated or sanitized before being passed to execution environments.
Audit Metadata