010119-integration-test-setup

Pass

Audited by Gen Agent Trust Hub on Jul 8, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes a Python script scripts/generate-test.py designed to generate TypeScript boilerplate code for integration tests. It safely uses string formatting to inject user-provided test names and endpoints into a pre-defined template.
  • [DATA_EXFILTRATION]: The skill patterns involve interacting with local or test databases using the pg library and performing network requests via the fetch API. These capabilities are restricted to the skill's primary purpose of integration testing and rely on environment variables for configuration.
  • [SAFE]: The skill implements several security best practices for automated testing:
  • Scoped Cleanup: Uses specific naming patterns (e.g., test-%) to ensure that automated data deletion only targets test records.
  • Environment Guards: Includes describeIf(!IS_PROD, ...) guards to prevent the execution of destructive integration tests in production environments.
  • Secret Management: Recommends the use of environment variables (e.g., DATABASE_URL) rather than hardcoding credentials.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 8, 2026, 12:19 PM
Security Audit — agent-trust-hub — 010119-integration-test-setup