automate-test-cases

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it processes untrusted manual test cases to generate and then execute automation scripts.
      • Ingestion points: Manual test steps are ingested from user input or source code comments as described in SKILL.md (Step 2.0).
      • Boundary markers: There are no explicit boundary markers or instructions to ignore embedded malicious instructions within the input test cases.
      • Capability inventory: The skill possesses the capability to write files to the local system (SKILL.md Step 5.1) and execute shell commands through test runners like npx playwright or npx codeceptjs (SKILL.md Step 4.1 and scripts/post-hook.sh).
      • Sanitization: No sanitization, validation, or filtering is performed on the input manual steps before they are interpolated into the code generation process.
  • [COMMAND_EXECUTION]: The skill executes shell-based test runners to verify generated code.
      • Execution Method: Uses npx to run playwright, codeceptjs, or cypress commands.
      • Context: This is a core part of the skill's 'Verify & Heal' workflow (Step 4.1) and the final verification in scripts/post-hook.sh. While expected for an automation tool, this execution environment is the primary vector for the indirect prompt injection risk mentioned above.
Audit Metadata
Risk Level: SAFE
Analyzed: May 12, 2026, 09:40 AM