quality-business-test

Warn

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute framework-specific test runners such as 'mvn test', 'npx vitest', and 'pytest' at runtime.
  • [REMOTE_CODE_EXECUTION]: The skill dynamically generates executable test code (Java/JUnit, Node/Vitest, Python/Pytest) in the '.tests/business/' directory based on acceptance criteria extracted from markdown files and subsequently executes this code.
  • [REMOTE_CODE_EXECUTION]: It implements a 'Generator-Critic' loop that allows the agent to automatically modify ('auto-fix test_defects') and re-execute test code for up to three iterations, representing a self-modifying code risk.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes potentially untrusted external data from requirement and epic files to drive code generation logic.
      1. Ingestion points: Reads 'REQ-.md', 'EPIC-.md', and architecture files.
      2. Boundary markers: Lacks specific delimiters or 'ignore embedded instructions' warnings when parsing acceptance criteria.
      3. Capability inventory: Access to 'Bash' (execution), 'Write'/'Edit' (code creation), and 'Agent' (loop logic) tools.
      4. Sanitization: No evidence of escaping or validation of criteria text before its interpolation into generated test scripts.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Apr 17, 2026, 01:12 AM