write-test
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICAL
Tags: PROMPT_INJECTION, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
- Dynamic Execution (CRITICAL): The skill's primary function is to generate RSpec files and execute them using 'bundle exec rspec'. Because these generated files incorporate logic and data from external, untrusted source files, this constitutes unsafe dynamic code execution where input data influences executed logic.
- Indirect Prompt Injection (HIGH): The skill is highly susceptible to indirect injection.
  1. Ingestion points: Rails source code files and spec fixtures are read to understand behavior.
  2. Boundary markers: No markers or instructions are provided to the agent to ignore embedded instructions within the code it reads.
  3. Capability inventory: The agent can execute shell commands via 'bundle exec rspec'.
  4. Sanitization: There is no evidence of sanitization of source code content before it is interpolated into test files.
- Command Execution (HIGH): The skill performs shell-level execution of code it produces, which is a high-risk operation when the input data is untrusted.
- Data Exposure (LOW): The skill accesses sensitive application files including fixtures and source code, although no exfiltration patterns were detected.
Recommendations
- AI detected serious security threats
Audit Metadata