test-generator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions designed to override agent behavior, bypass safety guidelines, or extract system prompts were detected.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file paths, hardcoded credentials (API keys, tokens), or unauthorized network operations were found.
- [Obfuscation] (SAFE): All content is in clear text. There are no signs of Base64 encoding, zero-width characters, or homoglyph attacks.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill references standard testing frameworks (Jest, Pytest). It mentions common development commands like `npm run test` and `pytest -q` but does not download or execute untrusted remote scripts.
- [Privilege Escalation & Persistence] (SAFE): There are no commands attempting to gain administrative privileges (e.g., sudo) or establish persistence on the host system.
- [Indirect Prompt Injection] (LOW): The skill acts as a code generator which ingests user-provided source code. While this is a known attack surface, the risk is categorized as LOW because the skill provides structured templates and doesn't possess capabilities that could be easily weaponized via the generated test code.
Audit Metadata