testing-e2e

Pass

Audited by Gen Agent Trust Hub on May 28, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches standard testing libraries and tools from well-known package registries, including Playwright, axe-core, and jest-axe. This is normal behavior for a testing-oriented development skill.
  • [COMMAND_EXECUTION]: Recommends standard Playwright CLI commands for running tests, initializing AI agents, and setting up MCP servers. These commands are consistent with official documentation and the primary purpose of the skill.
  • [PROMPT_INJECTION]: Analyzed for indirect prompt injection surfaces as the skill is designed to interact with and test external URLs; however, the instructions emphasize best practices such as mocking external APIs to maintain deterministic and safe test environments.
  • [SAFE]: Utilizes dynamic context injection (!command syntax) in utility scripts to perform benign local reconnaissance, such as counting existing page objects and detecting the project's test directory. These operations are non-destructive and limited to local metadata gathering.
Audit Metadata
Risk Level
SAFE
Analyzed
May 28, 2026, 10:06 AM
Security Audit — agent-trust-hub — testing-e2e