test-generation

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [PROMPT_INJECTION] (HIGH): Vulnerable to Indirect Prompt Injection. The skill is designed to perform 'Systematic File Analysis' across a codebase (Phase 1B).
      • Ingestion points: Uses Grep, Glob, and Read to ingest arbitrary file content from the project directory.
      • Boundary markers: Absent. There are no instructions to treat file content as data only or to ignore embedded instructions.
      • Capability inventory: Possesses Bash, Write, and Edit tools.
      • Sanitization: Absent. Content is processed directly into a 'Knowledge Graph' and then used to generate documentation.
  • [COMMAND_EXECUTION] (HIGH): The skill is granted the Bash tool. While the instructions suggest using it for discovery (Grep/Glob), the tool itself is unrestricted. An indirect prompt injection attack could leverage this tool to execute arbitrary system commands if the agent is tricked by malicious comments in the analyzed code.
  • [DATA_EXFILTRATION] (MEDIUM): While no network tools are explicitly listed, the Bash tool can be used to invoke network utilities (like curl or wget) to exfiltrate the contents of sensitive files identified during the 'Discovery searches' phase.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 01:32 PM