test-driven-generation
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Flags: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands to run test suites.
  - Evidence: Step 3 ('Run Tests') lists specific commands for Python (pytest, unittest) and Java (mvn, gradle, javac, java).
- [PROMPT_INJECTION]: The skill contains an attack surface for indirect prompt injection (Category 8) as it processes and executes code from user-provided files.
  - Ingestion points: The agent reads and processes user-provided test files (e.g., <test_file>.py, <TestFile>.java) in Step 1 and Step 3 of SKILL.md.
  - Boundary markers: No explicit boundary markers or instructions to treat user-provided file content as untrusted are present in the skill.
  - Capability inventory: The skill utilizes subprocess execution of test runners (pytest, java, etc.) which can execute arbitrary code contained within the provided test files.
  - Sanitization: No sanitization or validation of the user-provided code is performed before execution.
Audit Metadata