Skills
skills/edwinhu/workflows/dev-test-electron/Gen Agent Trust Hub

dev-test-electron

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes several local command-line tools including curl, jq, and websocat to communicate with the application debugging port. It also performs process management tasks such as launching the application with npm start and terminating existing instances using kill.
  • [REMOTE_CODE_EXECUTION]: To achieve automation, the skill sends JavaScript expressions to be executed within the context of the Electron application's renderer and main processes using the CDP Runtime.evaluate command.
  • [DATA_EXFILTRATION]: The skill retrieves potentially sensitive runtime information for verification purposes, including application cookies (session.defaultSession.cookies.get), local storage data, and viewport screenshots (Page.captureScreenshot). It also reads local application configuration and log files.
  • [EXTERNAL_DOWNLOADS]: The skill makes local network requests to http://localhost:9222/json/list to discover debugging targets and establish the necessary WebSocket connections for control.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 27, 2026, 12:46 PM