Cypress Test Generator

Automates Cypress test generation by analyzing web pages with Puppeteer to extract DOM elements and generate structured page object models with appropriate selectors and test patterns for end-to-end test automation.

dev-toolsTypeScript
GitHubnpm
0Tools
15Findings
18Stars
Mar 22, 2026Last Scanned

Security Category Deep Dive

Prompt Injection
Prompt & context manipulation attacks
69
Maturity
14
Rules
5
Sub-Categories
1
Gaps
64%
Implemented
56
Tests
1
Stories
Findings1
1 critical
criticalJ5Tool Output Poisoning PatternsMCP02-tool-poisoningAML.T0054
Pattern "(return|respond|output).*(?:tool_call|function_call|execute_tool|call_tool|invoke)" matched in source_code: "return this.#elements.${elementName}().invoke" (at position 7699)
Tool responses MUST NOT contain instruction-like content, file read directives, or social engineering phrases. Error messages should be factual and technical — never suggest actions involving sensitive data access. See CyberArk ATPA research for attack demonstration.
PI-DIRDirect Input Injection
100%3 rules
Injection via tool descriptions and parameter fields
GAP-001Prompt Injection Coverage GapMissing detection coverage for emerging prompt injection attack variants not addressed by current rules
PI-INDIndirect / Gateway Injection
100%4 rules
Hidden instructions via external content and tool responses
PI-CTXContext Manipulation
100%2 rules
Context window saturation and prior-approval exploitation
PI-ENCEncoding & Obfuscation
100%3 rules
Payload hiding via invisible chars, base64, schema fields
PI-TPLTemplate & Output Poisoning
50%2 rules1 found
Injection via prompt templates and runtime tool output
Framework Coverage
OWASP MCP Top 1014/14
MITRE ATLAS14/14
CoSAI MCP2/14
OWASP Agentic Top 1012/14
Kill Chain Phases
1Initial Access
1Defense Evasion
1Execution
1Persistence
Cypress Test Generator Security Report — MCP Sentinel