launch
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- Local Command Execution: The skill utilizes shell commands to compile code and launch the VS Code Insiders application. These actions are typical for automating software development environments and testing extensions.
- User Profile Management: The skill suggests using a persistent user data directory (
~/.vscode-ext-debug) to store VS Code settings and authentication sessions. While this directory contains sensitive login information for services like GitHub Copilot, its use is necessary to ensure the automated agent remains authenticated during testing. - Browser Automation and JavaScript Evaluation: The skill connects to VS Code via the Chrome DevTools Protocol (CDP) and executes JavaScript within the application's context using the
evalcommand. This is a standard method for interacting with complex UI components like the Monaco editor that are otherwise difficult to automate.
Audit Metadata