Skills
skills/alirezarezvani/claude-skills/api-test-suite-builder/Gen Agent Trust Hub

api-test-suite-builder

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses local shell commands to scan the filesystem and extract information from source files. This is necessary for its core function of detecting API routes across different frameworks.
  • Evidence: SKILL.md contains several shell blocks using find, grep, sed, sort, and xargs to identify endpoints in Next.js, Express, FastAPI, and Django REST projects.
  • [SAFE]: No network exfiltration, persistence mechanisms, or credential harvesting patterns were found. All operations are confined to reading local code and generating test files.
  • [PROMPT_INJECTION]: The skill includes instructions to generate tests that use SQL injection and XSS payloads as adversarial inputs for API testing. These are data payloads for the generated tests, not instructions for the agent to execute or bypass its own safety filters.
  • [REMOTE_CODE_EXECUTION]: The skill recommends standard testing libraries (Vitest, Supertest, Pytest, httpx) but does not include any automated installation scripts or remote execution patterns.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 01:26 PM