migrate-to-rstest
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands via
npxand local package managers to install dependencies and run test suites during the validation phase. - [EXTERNAL_DOWNLOADS]: Fetches migration documentation and configuration mappings from the official Rstest domain (
rstest.rs). It also utilizes the@antfu/nipackage from the npm registry. - [DATA_EXPOSURE]: The skill reads project configuration files (e.g.,
package.json,jest.config.ts) and test source code to identify current framework usage and perform migrations. This access is limited to files required for the specified task. - [INDIRECT_PROMPT_INJECTION]:
- Ingestion points: Reads test suite files and configuration files in the user's workspace to detect frameworks and apply code transformations.
- Boundary markers: Absent; the instructions do not specify the use of delimiters when reading or processing the content of untrusted test files.
- Capability inventory: Includes file modification (migration edits), file deletion (removal of legacy config files), and shell command execution (installing packages and running tests).
- Sanitization: The skill mandates strict regex templates and 'literal API substitution' to ensure that only intended framework identifiers are modified, reducing the risk of accidental execution of instructions embedded in test data.
Audit Metadata