add-test

Warn

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill instructs the agent to prompt the user to create an API user with a hardcoded Client Secret (1234567890). While intended for integration testing, providing specific, weak secrets in instructions can lead to insecure configurations if applied to non-isolated environments.
  • [COMMAND_EXECUTION]: The skill executes local shell commands (npm run compile and npm test) to build and verify tests. This is a standard part of the intended workflow for software development and testing.
  • [EXTERNAL_DOWNLOADS]: The skill references the @umbraco-cms/mcp-server-sdk package. This is an official resource from the vendor (Umbraco) and is consistent with the skill's stated purpose.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 23, 2026, 03:32 PM
Security Audit — agent-trust-hub — add-test