Skip to main content

e2e-testing-patterns

Guides implementation of expert-level end-to-end testing patterns, focusing on automation and decision frameworks for web applications.

Install this skill

or
51/100

Security score

The e2e-testing-patterns skill was audited on Jun 13, 2026 and we found 21 security issues across 3 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 401

Template literal with variable interpolation in command context

SourceSKILL.md
401customerEmail: `test-${uuid()}@example-test.com`,
medium line 415

Template literal with variable interpolation in command context

SourceSKILL.md
415throw new Error(`Failed to create test order: ${await response.text()}`);
medium line 425

Template literal with variable interpolation in command context

SourceSKILL.md
425await request.delete(`/api/internal/test/orders/${orderId}`, {
medium line 443

Template literal with variable interpolation in command context

SourceSKILL.md
443await adminPage.goto(`/admin/orders/${order.id}`);
medium line 444

Template literal with variable interpolation in command context

SourceSKILL.md
444await expect(adminPage.getByRole('heading', { name: `Order #${order.id}` })).toBeVisible();
medium line 448

Template literal with variable interpolation in command context

SourceSKILL.md
448await adminPage.waitForResponse(`**/api/orders/${order.id}`);
medium line 507

Template literal with variable interpolation in command context

SourceSKILL.md
507```yaml
low line 320

Access to .env file

SourceSKILL.md
320email: process.env.E2E_USER_EMAIL!,
low line 321

Access to .env file

SourceSKILL.md
321password: process.env.E2E_USER_PASSWORD!,
low line 344

Access to .env file

SourceSKILL.md
344email: process.env.E2E_ADMIN_EMAIL!,
low line 345

Access to .env file

SourceSKILL.md
345password: process.env.E2E_ADMIN_PASSWORD!,
low line 410

Access to .env file

SourceSKILL.md
410'X-Test-API-Key': process.env.E2E_INTERNAL_API_KEY!,
low line 426

Access to .env file

SourceSKILL.md
426headers: { 'X-Test-API-Key': process.env.E2E_INTERNAL_API_KEY! },
low line 592

Access to .env file

SourceSKILL.md
592forbidOnly: !!process.env.CI,
low line 593

Access to .env file

SourceSKILL.md
593retries: process.env.CI ? 2 : 0,
low line 594

Access to .env file

SourceSKILL.md
594workers: process.env.CI ? 4 : 2,
low line 598

Access to .env file

SourceSKILL.md
598process.env.CI ? ['github'] : ['list'],
low line 601

Access to .env file

SourceSKILL.md
601baseURL: process.env.BASE_URL ?? 'http://localhost:3000',
low line 241

External URL reference

SourceSKILL.md
241Testing login flows that redirect to an external identity provider (Google OAuth, Okta, Auth0, SAML) is a common E2E challenge. Never automate the third-party login UI directly -- it violates the prov
low line 253

External URL reference

SourceSKILL.md
253Ephemeral preview environments (Vercel previews, Railway, Heroku review apps) often have HTTP basic auth applied as a blanket security measure to prevent public access. This breaks Playwright/Cypress
low line 601

External URL reference

SourceSKILL.md
601baseURL: process.env.BASE_URL ?? 'http://localhost:3000',
Scanned on Jun 13, 2026
View Security Dashboard
Installation guide →
GitHub Stars 402
Rate this skill
Categorydevelopment
UpdatedJune 15, 2026
openclawtestingqa-engineerbackend-developerfrontend-developerdevops-sreproduct-managerplaywrightseleniumgitlabgithubdevelopmentproduct
FerroxLabs/wayland