test-standards
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. The skill's workflow involves reading and analyzing untrusted external content (test files and git diffs) which could contain embedded instructions intended to deceive the agent during the 'LLM Heuristic Review'.
  - Ingestion points: Test files (e.g., `tests/auth.test.ts`) and `git diff` output analyzed in the validation workflow.
  - Boundary markers: Absent. There are no specific delimiters or instructions for the agent to ignore prompt-like content within the code it reviews.
  - Capability inventory: The skill executes local commands to run quality scanner scripts on provided paths.
  - Sanitization: Absent. External code content is provided directly to the agent's context without escaping or validation.
- [COMMAND_EXECUTION] (SAFE): Local script execution. The skill executes a local Python script to perform automated quality checks.
  - Evidence: `python scripts/test_quality_scanner.py ./tests` command documented in `SKILL.md`.
  - Context: This is the intended primary function of the skill and uses a static path for the script itself.
Audit Metadata