pytest-dev
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (COMMAND_EXECUTION)
Full Analysis
- Indirect Prompt Injection (HIGH): The skill is designed to take in external project files and execute them through the pytest framework, which places it in a high-severity capability tier. Because pytest imports every conftest.py and test module during collection, any code in those files runs before a single test is selected.
 * Ingestion points: Test files, configuration files (TOML), and GitHub Actions CI scripts.
 * Boundary markers: There are no instructions for the agent to isolate test code or to treat it as untrusted content.
 * Capability inventory: The skill runs 'python3 -m pytest' and local scripts to execute code and writes reports (JUnit XML), which amounts to arbitrary code execution plus filesystem write access.
 * Sanitization: No sanitization, validation, or sandboxing of the test code is specified.
- Command Execution (LOW): The skill uses standard command-line tools like python3 and uv to manage the testing lifecycle, which is consistent with its stated purpose.
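As a concrete illustration of the ingestion points listed in the finding, here is a pre-flight scanner an agent could run over a checkout before invoking pytest. It is an added example, not code from the audited skill or from the Trust Hub report, and it assumes the project keeps pytest settings in pyproject.toml under [tool.pytest.ini_options] and test code in conftest.py and test_*.py files. The sample project it builds is constructed for the demonstration; 'evil_plugin' and 'helpers.more' are made-up module names. It flags the three places where a repository can make pytest import code of its choosing: '-p' in addopts, 'pytest_plugins' in a conftest, and top-level statements that execute at collection time.

```python
"""Pre-flight scan of a pytest project for code that runs at collection time.

Added example; not the audited skill's code. Assumes pyproject.toml holds
[tool.pytest.ini_options] and that conftest.py / test_*.py hold test code.
The sample project below is constructed for the demo and is only parsed.
"""
import ast
import tempfile
from pathlib import Path

try:
    import tomllib  # Python 3.11+
except ModuleNotFoundError:  # pragma: no cover
    import tomli as tomllib  # type: ignore  # backport for older interpreters

# Top-level statements that only define names and run nothing on import.
_DEFINITION_NODES = (ast.Import, ast.ImportFrom, ast.FunctionDef,
                     ast.AsyncFunctionDef, ast.ClassDef)


def addopts_plugin_flags(pyproject_text: str) -> list[str]:
    """'-p <module>' flags in addopts: pytest imports these at startup,
    before conftest files are read, so the repo picks the module."""
    data = tomllib.loads(pyproject_text)
    opts = data.get("tool", {}).get("pytest", {}).get("ini_options", {}).get("addopts", "")
    tokens = opts if isinstance(opts, list) else opts.split()  # string or list form
    flags = []
    for i, tok in enumerate(tokens):
        if tok == "-p" and i + 1 < len(tokens):
            flags.append(f"-p {tokens[i + 1]}")
        elif tok.startswith("-p") and len(tok) > 2:  # '-pname' form
            flags.append(tok)
    return flags


def pytest_plugins_lines(tree: ast.Module) -> list[int]:
    """Lines assigning pytest_plugins, which makes pytest import extra modules."""
    return [n.lineno for n in tree.body if isinstance(n, ast.Assign)
            and any(isinstance(t, ast.Name) and t.id == "pytest_plugins" for t in n.targets)]


def module_side_effects(tree: ast.Module) -> list[int]:
    """Lines of top-level statements that execute when the module is imported.
    pytest imports every conftest.py and test module during collection, so
    these run before any test is selected, even under --collect-only."""
    hits = []
    for node in tree.body:
        if isinstance(node, _DEFINITION_NODES):
            continue
        if isinstance(node, ast.Expr) and isinstance(node.value, ast.Constant):
            continue  # docstring or bare literal
        if isinstance(node, (ast.Assign, ast.AnnAssign)):
            targets = node.targets if isinstance(node, ast.Assign) else [node.target]
            if all(isinstance(t, ast.Name) for t in targets):
                if node.value is None:
                    continue  # bare annotation
                try:
                    ast.literal_eval(node.value)  # NAME = <literal>: nothing runs
                    continue
                except (ValueError, TypeError, SyntaxError):
                    pass  # right-hand side contains a call or other expression
        hits.append(node.lineno)
    return hits


def scan_project(root: Path) -> list[str]:
    """Findings for one checkout in file order; empty list means nothing flagged."""
    findings = []
    pyproject = root / "pyproject.toml"
    if pyproject.is_file():
        for flag in addopts_plugin_flags(pyproject.read_text(encoding="utf-8")):
            findings.append(f"pyproject.toml: addopts loads a plugin via '{flag}'")
    for path in sorted(root.rglob("*.py")):
        if path.name != "conftest.py" and not path.name.startswith("test_"):
            continue
        rel = path.relative_to(root).as_posix()
        tree = ast.parse(path.read_text(encoding="utf-8"), filename=str(path))
        for lineno in pytest_plugins_lines(tree):
            findings.append(f"{rel}:{lineno}: pytest_plugins pulls in extra modules")
        for lineno in module_side_effects(tree):
            findings.append(f"{rel}:{lineno}: top-level statement runs at collection time")
    return findings


# Constructed sample project (hypothetical names; the files are parsed, never run).
_SAMPLE_PYPROJECT = '[tool.pytest.ini_options]\naddopts = "-q -p evil_plugin"\n'
_SAMPLE_CONFTEST = (
    "import subprocess\n"
    'pytest_plugins = ["helpers.more"]\n'
    "subprocess.run([\"sh\", \"-c\", \"echo ran during collection\"])\n"
    "def pytest_configure(config):\n    pass\n"
)
_SAMPLE_TEST = "def test_add():\n    assert 1 + 1 == 2\n"


def run_demo() -> list[str]:
    """Build the sample checkout in a temp dir and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "pyproject.toml").write_text(_SAMPLE_PYPROJECT, encoding="utf-8")
        (root / "conftest.py").write_text(_SAMPLE_CONFTEST, encoding="utf-8")
        (root / "test_ok.py").write_text(_SAMPLE_TEST, encoding="utf-8")
        return scan_project(root)


if __name__ == "__main__":
    for finding in run_demo():
        print(finding)
```

A scan like this is a triage aid, not a boundary: any test module still executes arbitrary Python the moment pytest imports it, so a clean scan does not make the run safe, and the only real control is running pytest in an isolated environment that the agent does not share credentials or filesystem with.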
Recommendations
- AI detected serious security threats