python-test-updater
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) due to its core data processing loop.
  - Ingestion points: The workflow reads and processes `old_file`, `new_file`, and test modules provided as inputs in the environment.
  - Boundary markers: The instructions lack explicit delimiters or instructions to ignore commands embedded in the code files being analyzed.
  - Capability inventory: The agent can execute shell commands (`python scripts/analyze_code_diff.py` and `pytest`) and modify files, creating an execution path for injected instructions.
  - Sanitization: No sanitization or validation of the input code is performed before analysis or execution.
- [COMMAND_EXECUTION]: The skill explicitly instructs the agent to run local scripts and the `pytest` testing framework. Execution of `pytest` is risky when applied to untrusted or automatically modified code, as it executes the code logic during the test execution process.
Audit Metadata