I tend to do E2E tests for the feature working as expected (happy path), security errors (whether that's unauthenticated or user with the wrong permissions) and, once it's been in the wild for a while, adding in common error conditions.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
I tend to do E2E tests for the feature working as expected (happy path), security errors (whether that's unauthenticated or user with the wrong permissions) and, once it's been in the wild for a while, adding in common error conditions.