peach-e2e-suite
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell scripts, specifically `./e2e.sh`, to manage Chrome Beta profiles, set up environments, and run test scenarios. These commands are necessary for its documented testing functionality.
- [PROMPT_INJECTION]: An indirect prompt injection surface exists as the skill extracts data from the web browser or URL and uses it to construct shell commands for subsequent test steps.
  - Ingestion points: The skill ingests data from the browser DOM or location URL using `agent-browser eval` during the automated execution of test suites.
  - Boundary markers: There are no explicit markers or instructions to isolate or ignore malicious content within the extracted data.
  - Capability inventory: The agent has the ability to execute shell commands, perform database queries, and read/write files in the local repository.
  - Sanitization: The instructions do not specify any sanitization or escaping of the extracted data before it is used to populate environment variables like `E2E_ORDER_ID` in shell commands.
Audit Metadata