010119-integration-test-setup
Pass
Audited by Gen Agent Trust Hub on Jul 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a Python script
scripts/generate-test.pydesigned to generate TypeScript boilerplate code for integration tests. It safely uses string formatting to inject user-provided test names and endpoints into a pre-defined template. - [DATA_EXFILTRATION]: The skill patterns involve interacting with local or test databases using the
pglibrary and performing network requests via thefetchAPI. These capabilities are restricted to the skill's primary purpose of integration testing and rely on environment variables for configuration. - [SAFE]: The skill implements several security best practices for automated testing:
- Scoped Cleanup: Uses specific naming patterns (e.g.,
test-%) to ensure that automated data deletion only targets test records. - Environment Guards: Includes
describeIf(!IS_PROD, ...)guards to prevent the execution of destructive integration tests in production environments. - Secret Management: Recommends the use of environment variables (e.g.,
DATABASE_URL) rather than hardcoding credentials.
Audit Metadata