testing-strategy
Provides a comprehensive guide for running and writing tests in the Orient monorepo, covering various test categories and commands.
Install this skill
Security score
The testing-strategy skill was audited on Feb 25, 2026 and we found 12 security issues across 4 threat categories, including 2 high-severity. Review the findings below before installing.
Categories Tested
Security Issues
Direct command execution function call
| 1028 | const result = execSync(`curl -s --connect-timeout 2 ${OPENCODE_URL}/global/health`, { |
Template literal with variable interpolation in command context
| 860 | const testAppName = `test-app-${Date.now()}`; // Unique per test run |
Template literal with variable interpolation in command context
| 901 | const testAppName = `test-${Date.now()}-${Math.random().toString(36).slice(2)}`; |
Template literal with variable interpolation in command context
| 908 | await db.query(`DELETE FROM app_storage WHERE app_name LIKE '${TEST_PREFIX}%'`); |
Template literal with variable interpolation in command context
| 913 | await db.query(`DELETE FROM app_storage WHERE app_name LIKE '${TEST_PREFIX}%'`); |
Template literal with variable interpolation in command context
| 1028 | const result = execSync(`curl -s --connect-timeout 2 ${OPENCODE_URL}/global/health`, { |
Node child_process module reference
| 1018 | import { execSync } from 'child_process'; |
Curl to non-GitHub URL
| 1063 | - Verify OpenCode is on port 4099 (dev port): `curl http://localhost:4099/global/health` |
Access to .env file
| 855 | const TEST_DB_URL = process.env.TEST_DATABASE_URL || process.env.DATABASE_URL; |
Access to .env file
| 1022 | const OPENCODE_URL = process.env.OPENCODE_URL || 'http://localhost:4099'; |
External URL reference
| 1022 | const OPENCODE_URL = process.env.OPENCODE_URL || 'http://localhost:4099'; |
External URL reference
| 1063 | - Verify OpenCode is on port 4099 (dev port): `curl http://localhost:4099/global/health` |
Install this skill with one command
/learn @orient-bot/testing-strategy