vista
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection.
- Ingestion points: The agent parses external test and coverage artifacts including junit.xml, lcov.info, Allure results, and Playwright JSON reports.
- Boundary markers: The instructions lack requirements to wrap ingested content in delimiters or provide 'ignore instructions' warnings when processing this data.
- Capability inventory: The skill executes local file system reads (to ingest artifacts) and writes (to generate Markdown and HTML reports).
- Sanitization: There are no protocols for sanitizing or escaping data extracted from artifacts before it is interpolated into the final reports. Malicious strings embedded within test reports could be used to influence the agent's behavior or deceive users viewing the generated reports.
- [EXTERNAL_DOWNLOADS]: Fetches the Mermaid.js library from a public CDN.
- The skill's HTML output specification requires inlining a script reference to https://cdn.jsdelivr.net/npm/mermaid@10/dist/mermaid.min.js for rendering diagrams. While jsDelivr is a well-known service, this involves a remote dependency.
- [COMMAND_EXECUTION]: Utilizes CLI tools to fetch CI artifacts.
- The skill uses the gh (GitHub) and glab (GitLab) command-line interfaces to list and download run artifacts from remote CI environments.
Audit Metadata