integration-test
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The 'Echo Test' documentation outlines the execution of bash commands through the SDK sandbox to verify tool functionality.
- [DATA_EXFILTRATION]: The 'Environment Test' identifies whether sensitive data, specifically the OPENAI_API_KEY, is accessible within the sandbox environment.
- [DATA_EXFILTRATION]: The 'Network Test' performs HTTPS requests to verify proxy configuration by connecting to OpenAI's official API endpoints.
- [PROMPT_INJECTION]: The skill provides a surface for indirect prompt injection as it processes queries that can invoke tools with capabilities for command execution, network operations, and file manipulation.
- Ingestion points: Processing of queries through the integration-test commands.
- Boundary markers: None identified.
- Capability inventory: Execution of shell commands (bash), external network requests (OpenAI API), and file creation (image and audio files).
- Sanitization: No evidence of input filtering or sanitization.
Audit Metadata