skills/metabase/mb-cli/add-e2e-test/Gen Agent Trust Hub

add-e2e-test

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill enforces strong security practices for generated code, explicitly forbidding the use of insecure imports like child_process or fetch, and mandating the use of a secure runCli helper that ensures environment isolation.
  • [SAFE]: It includes a robust credential management policy, requiring the agent to use a readBootstrap() helper and specifically forbidding the hard-coding of API keys or the use of production credentials.
  • [SAFE]: The skill incorporates a mandatory 'Self-grep' section (Step N-1) which provides shell commands for the agent to run against its own output to detect potential security flaws, such as credential leaks or unsafe import patterns, before finalization.
  • [SAFE]: Instructions for handling sensitive license tokens specify that the agent must only check for their existence and never log, assert, or expose the actual values.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 11:58 AM
Security Audit — agent-trust-hub — add-e2e-test