specs-e2e-verification
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes various application startup and build commands (e.g., docker compose, npm run, ./mvnw) identified through project heuristics. To mitigate risks, it implements a mandatory 'Security Validation Gate' (Phase 1.5) that validates all derived commands against a whitelist and scans for forbidden patterns like sudo, rm -rf, and other destructive operations.
- [PROMPT_INJECTION]: There is a surface for indirect prompt injection because the skill parses external functional specifications and task files to generate test cases. A maliciously crafted specification could attempt to influence the generation of testing commands. This is mitigated by the skill's logic, which parses specific fields for known patterns rather than executing raw text, and by the secondary command validation gate.
- [DATA_EXFILTRATION]: The skill accesses local credential files (e.g., .env.test, e2e.credentials.json) specifically to perform authenticated testing. It includes an automated redaction process (Phase 6.2) that identifies and removes secrets like bearer tokens and passwords from the final markdown report and logs before they are saved to disk.
Audit Metadata