write-tests

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and analyzes external code files provided by the user or found in the environment. If these files contain malicious instructions disguised as comments or code, the agent might follow them during the test generation process.
    • Ingestion points: File contents are read using the Read and Bash tools in SKILL.md during the Discovery phase.
    • Boundary markers: No explicit instructions or delimiters are used to warn the agent to ignore natural language instructions found within the code files.
    • Capability inventory: The agent has access to the Bash tool, which is used to detect environments and potentially run tests, as well as the Read tool for file access.
    • Sanitization: No sanitization or validation is performed on the content of the files before the agent processes them.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 10:16 PM