mutate
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run mutation testing adapters and standard package managers. The instructions incorporate strong safety guardrails, including mandatory baseline test verification and strict scope definitions to prevent accidental modification of the entire repository.
- [EXTERNAL_DOWNLOADS]: The skill recommends installing well-known mutation testing tools from official package registries. These tools (mutmut, cargo-mutants, StrykerJS) are widely used in the developer community and are treated as safe ecosystem dependencies.
- [DATA_EXFILTRATION]: The included analysis script (analyze_mutants.py) performs purely local filesystem operations to parse results. It contains no networking logic and implements appropriate directory filtering to avoid sensitive paths like .git or environment folders.
- [PROMPT_INJECTION]: The skill ingests data from mutation tool reports. While this data could theoretically be manipulated, the risk of indirect injection is mitigated by the script's role as a data normalizer and the manual verification steps required by the workflow.
Audit Metadata