test-automator
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- Category 1: Prompt Injection (SAFE): No instructions attempting to override agent behavior or bypass safety filters were found. The skill instructions are focused on technical guidance for testing.
- Category 2: Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations were detected. The file operations in the provided scripts are limited to writing templates to user-specified paths.
- Category 3: Obfuscation (SAFE): No encoded strings, zero-width characters, or homoglyphs were identified in any of the files.
- Category 4: Unverifiable Dependencies & RCE (SAFE): The skill does not download or execute remote code. The referenced scripts are local to the repository and perform safe file operations.
- Category 5: Privilege Escalation (SAFE): No commands related to privilege escalation (e.g., sudo, chmod 777) were found.
- Category 6: Persistence Mechanisms (SAFE): No attempts to modify startup scripts, cron jobs, or registry keys were detected.
- Category 7: Metadata Poisoning (SAFE): The metadata in SKILL.md accurately reflects the purpose and capabilities of the skill without deceptive instructions.
- Category 8: Indirect Prompt Injection (LOW): While the skill is designed to process external content (source code) and has file-writing and execution capabilities, it follows standard development patterns. There are no specific instructions that increase the risk of indirect prompt injection beyond the baseline for a coding assistant.
- Category 9: Time-Delayed / Conditional Attacks (SAFE): No logic gating behavior based on date, time, or environment conditions was found.
- Category 10: Dynamic Execution (SAFE): No use of eval(), exec(), or unsafe deserialization was found. The Python scripts use static templates for file generation.