E2E自动化工程师 端到端流程测试
PassAudited by ClawScan on May 8, 2026.
Overview
This is a coherent instruction-only testing skill, but it may run local end-to-end test commands, use test logins, and consult project docs, so use it in a safe test environment.
Before installing, make sure you are comfortable with the agent running repository E2E commands and browser flows. Use isolated test environments, test accounts, and reviewed project guidance files, and keep any collaboration notifications free of secrets or production data.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may run browser tests or framework commands that consume resources and can affect local test state.
The skill directs the agent to run a local repository E2E test command. This is central to the stated testing purpose, but it still means the agent may execute local test workflows.
Use `php bin/w e2e:run` for repository-supported browser testing.
Use a test or disposable environment, confirm the intended test scope, and avoid pointing the workflow at production services unless explicitly intended.
If real credentials are supplied, the agent may observe or use them while driving browser flows.
The skill may require login details or account/session prerequisites for realistic browser testing. This is expected for E2E validation, but it involves delegated account access.
Any login, seed data, or runtime prerequisites.
Provide only least-privilege test accounts and non-production seed data whenever possible.
The agent may rely on project instructions that have not been reviewed here.
The skill references additional local project documents and skills that were not included in the reviewed artifact set. This is common for project-specific skills, but it means some behavior-shaping guidance is outside this review.
Source Material - `AI-ENTRY.md` - `CLAUDE.md` - `dev/ai/skills/testing/SKILL.md`
Review the referenced project guidance files before relying on the skill in a sensitive repository.
Failure details, environment notes, or prerequisite information could be shared in a team or agent-collaboration context.
The skill instructs the agent to notify a named role when issues occur. This appears collaboration-oriented, but the reviewed artifact does not define the notification channel or data boundaries.
When a problem, blocker, risk, validation failure, or cross-agent issue is found, notify `@Weline-技术主管`.
Clarify where notifications go and avoid including secrets, tokens, or sensitive test data in collaboration updates.