metamorphic-test-generator
Warn
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The scripts/generate.py script executes local files using the subprocess.run function. It identifies the runtime based on the file extension (.py, .js, .java) and invokes the corresponding interpreter (python3, node, java). This behavior allows for the execution of arbitrary code within the target program file.
- [COMMAND_EXECUTION]: The script includes a 10-second execution timeout, which mitigates potential denial-of-service through resource exhaustion by the tested program.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection through its data processing pipeline.
  - Ingestion points: Test cases are loaded from JSON files or directories specified by the user in scripts/generate.py.
  - Capability inventory: The skill can execute subprocesses and capture their output, which is then processed and potentially returned to the AI agent.
  - Sanitization: No sanitization is performed on the output captured from the executed programs before it is returned in reports.
  - Boundary markers: The skill does not use specific delimiters or instructions to prevent the agent from obeying instructions embedded in test data or program output.