e2e-testing

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only Playwright/Cypress E2E testing skill with no automatic execution or hidden data access.

Install this if you want Chinese-language guidance for Playwright or Cypress E2E testing. For login, payment, wallet, or financial tests, keep runs in staging or mocked environments, avoid real production transactions, and treat screenshots, traces, and reports as potentially sensitive test artifacts.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Medium

Confidence: 92% confidence
Finding: The file is written entirely in Chinese and presents normative guidance without indicating that the language is optional or scoped to a Chinese-speaking audience. In a general-purpose agent skill, this can cause the agent to respond in Chinese regardless of user preference, degrading usability, causing misunderstandings in security- or test-critical workflows, and potentially excluding users who cannot review the generated output.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal