api-test-executor
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill consists entirely of markdown-based instructions and does not include any source code or script files.\n- [PROMPT_INJECTION]: The skill instructions define a workflow that is susceptible to Indirect Prompt Injection (Category 8). Ingestion points: The agent is required to ingest and process data from external test plans, seed data, and API responses as part of the execution workflow in SKILL.md. Boundary markers: No specific delimiters or instructions to ignore potential commands within the ingested data are defined. Capability inventory: The skill enables the agent to perform network requests using target URLs and authentication materials provided in the input phase. Sanitization: The instructions do not specify any validation or sanitization requirements for the external data being processed during the test lifecycle.
Audit Metadata