pytest-config
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The module
modules/git-testing-fixtures.mddefines aGitRepositoryclass that utilizessubprocess.runto perform git operations likeinit,config, andcommit. This is standard functionality for the skill's primary purpose of providing test infrastructure. - [EXTERNAL_DOWNLOADS]: The
modules/ci-integration.mdfile contains GitHub Actions workflow templates that reference official actions from theactionsorganization and the well-knowncodecovservice. These are trusted sources for CI/CD pipelines. - [PROMPT_INJECTION]: The skill defines test data fixtures that could be exploited if malicious content is placed within them and processed by an agent without sanitization. Ingestion points: Fixtures such as
sample_skill_frontmatterinmodules/conftest-patterns.mdreturn raw strings used in tests. Boundary markers: No explicit delimiters or instructions to ignore embedded content are present in the provided templates. Capability inventory:subprocess.runcalls are located inmodules/git-testing-fixtures.md. Sanitization: No sanitization or validation of the fixture data is performed within the templates.
Audit Metadata