backend-testing
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill is granted access to the filesystem through tools like
Read,Grep, andBash. This access is necessary for analyzing existing code and generating test suites. Users should ensure the execution environment is properly scoped to the project directory. - [INDIRECT_PROMPT_INJECTION]: The skill processes project source code and configuration files to frame the test target (SKILL.md, Step 1). It uses tools like
Read,Glob, andGrepto ingest this data. While the instructions do not include explicit boundary markers or sanitization logic to handle potentially malicious content within the code (such as instructions hidden in comments), this is a common characteristic of code-analysis skills. The agent's capabilities includeWrite,Edit, andBash(SKILL.md, allowed-tools), which are used to implement the generated test plans.
Audit Metadata