momentic-mobile-test

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it processes untrusted data from the mobile applications it interacts with during tests.
  • Ingestion points: The skill retrieves device state, including XML hierarchy, visible text, and screenshots, through the momentic_get_session_state tool.
  • Boundary markers: There are no explicit instructions or delimiters defined to separate the data retrieved from the mobile device from the agent's internal instructions.
  • Capability inventory: The agent has the capability to modify local test files (YAML), write to environment variables, and perform network operations via the axios helper in JavaScript steps.
  • Sanitization: The skill does not specify any sanitization or filtering protocols for content extracted from the mobile UI before it is interpreted by the agent.
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute the npx momentic-mobile lint command to validate test syntax and configuration, which involves running a command-line utility within the project environment.
  • [REMOTE_CODE_EXECUTION]: The skill facilitates the execution of JavaScript code either inline (using the --code flag) or by loading local script files (e.g., ./scripts/mobile-utilities/setup.js) to perform assertions and data preparation.
  • [EXTERNAL_DOWNLOADS]: The use of npx momentic-mobile results in the download and execution of the vendor's utility package from the npm registry.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 12:31 AM
Security Audit — agent-trust-hub — momentic-mobile-test