testing
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill consists entirely of a markdown file (SKILL.md) providing documentation, command examples, and usage patterns. It does not include any executable code, scripts, or binary files.
- [SAFE]: No indicators of prompt injection, data exfiltration, or obfuscation were found within the documentation content.
- [DATA_EXFILTRATION]: While the skill mentions using an environment variable
$OPENCLAW_API_KEYand communicating withapi.openclaw.ai, these are standard practices for the described service (OpenClaw). The domain aligns with the skill's stated purpose and author context. - [INDIRECT_PROMPT_INJECTION]: The skill is designed to process user code and Gherkin feature files for test generation. This establishes a surface for indirect prompt injection where untrusted data could influence agent output, though this is a functional characteristic rather than a malicious implementation.
Audit Metadata