ac-test-generator

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
  • COMMAND_EXECUTION (MEDIUM): The skill's workflow includes a 'Validate' step to 'Ensure tests fail (RED)'. This process typically involves invoking a test runner (like pytest) to execute the newly generated Python files. If the 'feature' input used to generate these tests contains malicious instructions, they could be executed on the host system.
  • REMOTE_CODE_EXECUTION (MEDIUM): The skill performs 'Write then Execute' operations. It writes Python scripts to the local filesystem (generator.write_test_file) and then proceeds to validate them. In an agentic context, this allows for the execution of dynamically generated code that may be influenced by external, untrusted prompt data.
  • Indirect Prompt Injection (LOW):
      • Ingestion points: Untrusted 'feature' descriptions are ingested to drive the generation of test cases in generator.generate_for_feature(feature).
      • Boundary markers: Absent. There are no delimiters or instructions provided to the LLM to ignore potentially malicious instructions embedded within the feature descriptions.
      • Capability inventory: The skill possesses file-write capabilities and the implied capability to execute code via the 'Validate' workflow step.
      • Sanitization: Absent. There is no evidence of sanitization or safety-filtering of the input data before it is interpolated into the test generation logic.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 17, 2026, 06:28 PM