Skills
skills/secondsky/sap-skills/sap-sac-test-automation/Gen Agent Trust Hub

sap-sac-test-automation

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill demonstrates a high level of security awareness for enterprise environments.
  • It provides detailed instructions for redacting sensitive information like authentication tokens, cookies, and PII from discovery artifacts.
  • It explicitly forbids committing secrets or auth state to version control, recommending secure local storage instead.
  • It implements a capability gate that checks for enterprise restrictions (e.g., Windows Group Policy, network proxies) before suggesting the use of automation tools.
  • [EXTERNAL_DOWNLOADS]: The skill references several well-known browser automation tools and package managers.
  • References include playwright, agent-browser, and chrome-devtools-mcp.
  • The guidance strongly recommends using pinned versions, internal npm registries, and artifact mirrors to mitigate supply chain risks in restricted environments.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes content from external SAC dashboards.
  • Ingestion points: The skill is designed to ingest accessibility snapshots, console logs, and network metadata from live SAC stories into the agent context for analysis (found in references/agent-browser-discovery.md and references/chrome-devtools-mcp.md).
  • Boundary markers: The skill enforces a strict 'discovery proposes, humans approve' rule and includes detailed human review checklists to verify AI-generated discovery output before it is used for test generation (found in SKILL.md and references/agent-browser-discovery.md).
  • Capability inventory: The skill has the ability to create test configuration files and execute shell commands for browser control, such as npx, Start-Process, and open (found in SKILL.md and references/tool-availability-and-deployment.md).
  • Sanitization: The instructions mandate the use of redaction flags (e.g., --redact-network-headers), PII filters, and manual masking of volatile UI components during data ingestion (found in references/chrome-devtools-mcp.md and references/governance-and-sac-testability.md).
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 06:01 AM
Security Audit — agent-trust-hub — sap-sac-test-automation