add-test
Warn
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill instructs the agent to prompt the user to create an API user with a hardcoded Client Secret (
1234567890). While intended for integration testing, providing specific, weak secrets in instructions can lead to insecure configurations if applied to non-isolated environments. - [COMMAND_EXECUTION]: The skill executes local shell commands (
npm run compileandnpm test) to build and verify tests. This is a standard part of the intended workflow for software development and testing. - [EXTERNAL_DOWNLOADS]: The skill references the
@umbraco-cms/mcp-server-sdkpackage. This is an official resource from the vendor (Umbraco) and is consistent with the skill's stated purpose.
Audit Metadata