add-e2e-test
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill enforces strong security practices for generated code, explicitly forbidding the use of insecure imports like
child_processorfetch, and mandating the use of a securerunClihelper that ensures environment isolation. - [SAFE]: It includes a robust credential management policy, requiring the agent to use a
readBootstrap()helper and specifically forbidding the hard-coding of API keys or the use of production credentials. - [SAFE]: The skill incorporates a mandatory 'Self-grep' section (Step N-1) which provides shell commands for the agent to run against its own output to detect potential security flaws, such as credential leaks or unsafe import patterns, before finalization.
- [SAFE]: Instructions for handling sensitive license tokens specify that the agent must only check for their existence and never log, assert, or expose the actual values.
Audit Metadata