e2e-test-specialist
PassAudited by VirusTotal on May 5, 2026.
Overview
Type: OpenClaw Skill Name: ah-e2e-test-specialist Version: 1.0.0 The skill bundle provides a comprehensive set of templates and instructions for an end-to-end testing specialist. The code examples in references/examples.md cover standard industry practices for Playwright, Cypress, API testing, and CI/CD integration without any signs of malicious intent, data exfiltration, or prompt injection.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If copied into a real project without scoping, generated tests could affect live data or run broad database operations.
The Cypress example exposes database query and seeding tasks. This is common for E2E test setup, but it can modify or inspect application data if used against the wrong environment.
queryDb: (query) => { return queryDatabase(query, config); }, seedDatabase: () => { return seedTestDatabase(config); }Use these patterns only with isolated test databases, restrict task inputs, and require explicit review before running tests against shared or production environments.
A broadly privileged token could let tests create or modify account data if run against the wrong service.
The examples show authenticated API testing with an API token. This is expected for E2E/API tests, but tokens should be scoped and handled carefully.
'Authorization': `Bearer ${Cypress.env('API_TOKEN')}`Use least-privilege test credentials, keep tokens out of committed files and logs, and separate test/staging credentials from production credentials.