test-case-reducer
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The
scripts/reduce_test.pyscript enables the execution of arbitrary system commands. - Evidence: The
TestCaseReducer.run_testmethod inscripts/reduce_test.pyusessubprocess.runto execute commands passed via the--commandparameter. This allows the agent to execute any available system command with arbitrary arguments. - [PROMPT_INJECTION]: The skill exhibits a vulnerability to indirect prompt injection when processing and executing content from external, potentially untrusted files.
- Ingestion points: The
scripts/reduce_test.pyscript reads and writes the contents of the file specified by thetest_filepositional argument during the reduction process. - Boundary markers: There are no boundary markers, delimiters, or explicit instructions within the skill to prevent the agent from obeying instructions that might be embedded in the test files being processed.
- Capability inventory: The skill possesses the capability to write to the local filesystem and execute arbitrary shell commands via the
subprocessmodule. - Sanitization: No sanitization, validation, or sandboxing is applied to the test file content or the execution command, meaning any malicious code contained within a test case will be executed with the same privileges as the agent during the reduction process.
Audit Metadata