Test Runner
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: test-runner Version: 1.0.0 The skill bundle provides instructions and code snippets for setting up and running tests across various programming languages and frameworks. All commands and dependencies listed are standard for testing tools (e.g., `npm install`, `npx vitest`, `pytest`, `playwright`). There is no evidence of prompt injection against the agent, data exfiltration, malicious execution, persistence mechanisms, or obfuscation. The content is clearly aligned with its stated purpose of running tests.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Running tests may execute code from the local project, so users should only run tests in projects they trust.
The skill instructs users to run local test commands, which execute project test code. This is central to a test-runner skill and is not hidden or unrelated.
npx vitest run # Single run pytest # Run all swift test # Run all tests
Use the commands in the intended project directory and review unfamiliar test code before running it.
Installing test dependencies may download third-party packages or browser binaries into the development environment.
The documentation includes unpinned package-manager install commands and a Playwright browser install step. These are expected setup steps for testing frameworks, but they rely on external package sources.
npm install -D vitest @testing-library/react @testing-library/jest-dom uv pip install pytest pytest-cov pytest-asyncio httpx npm install -D @playwright/test npx playwright install
Prefer existing project lockfiles, trusted registries, and normal dependency review before installing new test packages.