testany-import-git
Facilitates bulk registration of test scripts from Git repositories to Testany platform, ensuring continuous synchronization and management.
Install this skill
Security score
The testany-import-git skill was audited on Jun 2, 2026 and we found 12 security issues across 1 threat category. Review the findings below before installing.
Categories Tested
Security Issues
Webhook reference - potential data exfiltration
| 3 | description: Testany Git 导入:把 Git 仓库里的测试脚本批量注册成 Testany platform cases,并持续同步、切 commit、演化 binding、配 webhook |
Webhook reference - potential data exfiltration
| 4 | argument-hint: "[操作] [描述],如:连接 GitHub、从 owner/repo 建一个导入、同步一下、切到新的 commit、开 webhook" |
Webhook reference - potential data exfiltration
| 63 | | Webhook 读 / 开关 / 轮换 | `testany_get_git_webhook_config` / `_update_git_webhook_config` / `_disable_git_webhook` / `_regenerate_git_webhook_secret` | |
Webhook reference - potential data exfiltration
| 245 | ## Phase 8:Webhook |
Webhook reference - potential data exfiltration
| 249 | | 查看配置 | `testany_get_git_webhook_config` | |
Webhook reference - potential data exfiltration
| 250 | | 启用 / 改 track_scope | `testany_update_git_webhook_config({webhook_enabled: true, track_scope?})` | |
Webhook reference - potential data exfiltration
| 251 | | 关闭 | `testany_disable_git_webhook` | |
Webhook reference - potential data exfiltration
| 252 | | 轮换 secret | `testany_regenerate_git_webhook_secret` | |
Webhook reference - potential data exfiltration
| 254 | **关键纪律**:`webhook_secret` 只有**首次启用**或**刚 regenerate** 的响应里是明文,之后读全是 masked。一旦拿到明文: |
Webhook reference - potential data exfiltration
| 258 | 3. 让用户触发一次测试事件,观察 `webhook_status` 从 `pending_verification` → `verified` |
Webhook reference - potential data exfiltration
| 265 | 2. **webhook_secret 只出现一次**:首次启用或 regenerate 后必须立刻记下并同步到 Git 侧,否则只能再轮换 |
Webhook reference - potential data exfiltration
| 285 | | "webhook 收不到事件" | 看 `webhook_status`(`pending_verification` / `error`)+ `platform_setup_guide` | |