ui-test-agent

This skill should be used when the user wants to perform UI automation testing on web pages. It enables a full "record-then-report" workflow: execute real br...

This skill appears to implement a legitimate UI record-and-report workflow, but take these precautions before using it: - get_screenshot requirement: The SKILL.md insists on a separate get_screenshot tool (and explicitly forbids agent-browser's screenshot) but the package does not include that tool or declare it. Ensure you have a trusted screenshot utility available and update the instructions if needed. - Verify failure-handling: SKILL.md requires that single-step failures do NOT stop the overall recording/processing, but the generated .sh contains 'set -e' and the .bat contains errorlevel-based exits. If you plan to replay the generated shell/batch scripts, either remove 'set -e' or adjust the script generation to match the intended behavior. - Inspect recorded session before replay: The replay scripts execute the recorded 'command' fields verbatim. A malicious or malformed recorded command could execute arbitrary shell commands when you run the generated .sh/.bat. Always review or sanitize session.json (or run replays in an isolated/sandbox environment) before executing generated scripts. - SKILL_DIR path: The SKILL.md suggests a hardcoded SKILL_DIR path. Confirm the actual skill path at runtime or adapt calls to use a resolved path variable instead of assuming ~/.workbuddy/skills/... - Operational recommendation: If you will run this skill, do so in a controlled environment (sandbox/container) the first few times, verify that agent-browser and get_screenshot are the tools you expect, and consider adding sanitization or escaping around recorded commands before generating executable replays. Given these mismatches and the replay risk, treat the skill as 'suspicious' until you confirm the screenshot tool, adjust the failure semantics, and adopt a safe workflow for reviewing recorded sessions before replay.

Type: OpenClaw Skill Name: ui-test-agent Version: 1.0.0 The skill is designed for UI automation testing but contains significant security vulnerabilities in its report and script generation logic. Specifically, 'save_test_report.py' is vulnerable to Cross-Site Scripting (XSS) as it embeds unsanitized session data and Base64-encoded images into a standalone HTML file, and 'save_test_script.py' poses a command injection risk by directly concatenating recorded commands into executable .sh and .bat files. While these appear to be unintentional flaws (vulnerabilities) rather than intentional malware, the lack of input sanitization when generating executable artifacts from potentially untrusted web interactions warrants a suspicious classification.