test
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Potential indirect prompt injection surface via test tags.
- Ingestion points: User-provided feature tags (e.g., @core) are used for filtering test execution in SKILL.md.
- Boundary markers: No delimiters or explicit instructions to ignore embedded commands are present in the skill definition.
- Capability inventory: The skill triggers end-to-end testing via Playwright, which typically involves system command execution.
- Sanitization: No validation, escaping, or sanitization logic for the user-supplied tags is specified.
- [COMMAND_EXECUTION]: The skill's intended functionality involves executing shell commands (Playwright) using external input, which represents a potential command injection path if tags are maliciously crafted.
Audit Metadata