agent-testing

Warn

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [CREDENTIALS_UNSAFE]: The scripts/init-dev-env.sh file contains several hardcoded credentials used to bootstrap a local development and testing environment. This includes AGENT_TESTING_API_KEY="sk-lh-agenttesting0001", a Base64 encoded QSTASH_LOCAL_TOKEN, and other secrets like AUTH_SECRET and KEY_VAULTS_SECRET. While intended for local mock environments, these represent hardcoded sensitive patterns.
  • [COMMAND_EXECUTION]: The skill makes extensive use of osascript in bot/ platform scripts and references/osascript.md to automate third-party macOS applications (Discord, Slack, WeChat, Telegram, etc.). These scripts simulate user input through keystroke and key code commands and manipulate the system clipboard. Additionally, scripts/electron-dev.sh manages application lifecycles using pgrep and kill -9 based on process string matching.
  • [REMOTE_CODE_EXECUTION]: Several scripts involve the dynamic generation and execution of code. scripts/agent-gateway/run.ts uses Bun.build to compile TypeScript probes into JavaScript at runtime, which are then injected into a browser via agent-browser eval. scripts/init-dev-env.sh also executes a Node.js script that is dynamically constructed within the shell script using a heredoc.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the download of external resources including Docker images (paradedb/paradedb:latest, redis:7-alpine) and specialized testing tools like agent-browser and ffmpeg. These resources are fetched from well-known registries and official sources.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 19, 2026, 11:52 AM
Security Audit — agent-trust-hub — agent-testing