magento-testing
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill directs the agent to fetch documentation from Adobe's official developer portal (
developer.adobe.com), a well-known technology provider. This is consistent with its purpose of guiding Magento 2 development. - [SAFE]: Test execution commands like
vendor/bin/phpunitandvendor/bin/mftfare standard in the Magento ecosystem and represent normal development activity. - [DATA_EXPOSURE_AND_EXFILTRATION]: No sensitive file access, credential usage, or suspicious network transmissions were detected.
- [PROMPT_INJECTION]: The skill identifies an indirect prompt injection surface due to fetching external documentation while maintaining write and command execution capabilities. The risk is considered safe as the source is a trusted service.
- Ingestion points: Documentation fetched via WebFetch from
developer.adobe.com(SKILL.md). - Boundary markers: Not explicitly defined for the external content.
- Capability inventory: Bash, Write, and Edit tools are listed in the skill frontmatter.
- Sanitization: No specific sanitization of external documentation is described.
Audit Metadata