Skills
skills/charon-fan/agent-playbook/test-automator/Gen Agent Trust Hub

test-automator

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes untrusted code files from the user's workspace to generate tests.
  • Ingestion points: Content is ingested from project files using the Read, Grep, and Glob tools mentioned in SKILL.md.
  • Boundary markers: The skill does not use boundary markers or specific instructions to ignore malicious content embedded in the ingested files.
  • Capability inventory: As defined in SKILL.md, the skill possesses the Bash, Write, and Edit capabilities, which could be leveraged if an injection occurs.
  • Sanitization: There is no evidence of sanitization or filtering of the ingested content before it is processed by the agent.
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to run unit testing frameworks (e.g., Jest, pytest, go test) and local Python utility scripts (scripts/generate_test.py, scripts/coverage_report.py) for test generation and coverage reporting.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 14, 2026, 02:06 AM