skills/apache/groovy-geb/geb-testing/Gen Agent Trust Hub

geb-testing

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection Surface]: This skill is designed to generate code based on user-provided page descriptions and requirements. While this is the intended functionality, it creates a surface where external input could influence the generated output.
      • Ingestion points: User-provided URLs, CSS selectors, and test logic requirements entering the agent's context (SKILL.md).
      • Boundary markers: The current templates do not utilize specific delimiters to isolate user-provided data from instruction logic.
      • Capability inventory: The skill assists in creating and modifying test files.
      • Sanitization: There is no explicit validation or escaping logic for user-supplied strings before they are interpolated into generated Groovy code.
  • [Credential Management Practice]: The provided code examples demonstrate form interactions using hardcoded strings.
      • Evidence: The usage of loginForm.password = "secret" in the LoginSpec example within SKILL.md.
      • Context: This is a common placeholder pattern for documentation purposes. In production environments, users should be guided to use environment variables or specialized secret management tools to avoid hardcoding sensitive information in test scripts.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 17, 2026, 07:02 PM