tester
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The skill uses natural instructional language. No patterns of system prompt extraction, safety bypass, or 'DAN' style injections were detected.
- Data Exposure & Exfiltration (SAFE): No sensitive file paths (e.g., SSH keys, cloud credentials) or hardcoded secrets were found. No network operations targeting external domains are present.
- Obfuscation (SAFE): The document contains plain text markdown without Base64, zero-width characters, or homoglyph-based encoding.
- Unverifiable Dependencies & Remote Code Execution (SAFE): The skill does not include package manager commands or scripts that download/execute remote content.
- Indirect Prompt Injection (LOW): The skill is designed to process untrusted external data such as product requirement documents and code implementations. While no malicious content is currently present, this ingestion represents a standard attack surface.
  - Ingestion points: Product requirement documents, function specifications, code implementation (SKILL.md).
  - Boundary markers: Absent; the instructions do not specify delimiters for external content.
  - Capability inventory: Mentions test execution and tool development, though no scripts are provided.
  - Sanitization: Not mentioned in the workflow.