fuzzing-input-generator
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTIONREMOTE_CODE_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill generates Python test code by interpolating user-provided function signatures and descriptions into templates, creating a risk for indirect prompt injection. Ingestion points: Workflow steps in SKILL.md that accept function signatures and behavior descriptions. Boundary markers: The generated templates do not include delimiters or instructions to ignore instructions embedded in fuzzed data. Capability inventory: The skill produces Python scripts intended for execution. Sanitization: No sanitization is performed on user-provided metadata before interpolation into code blocks.
- [REMOTE_CODE_EXECUTION]: The skill facilitates the generation of executable Python test scripts based on user-provided data. Script generation is based on structured templates provided in SKILL.md. The resulting code is intended for runtime execution using the pytest framework.
Audit Metadata