go-unit-tests
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions specify that the agent should run
make lintupon completing the tests. This is a standard post-generation step for code quality in Go projects and is considered safe in the context of this developer-focused skill. - [EXTERNAL_DOWNLOADS]: The skill references the
github.com/stretchr/testifylibrary and themockerygenerator. These are industry-standard, well-known, and trusted tools within the Go ecosystem and do not represent a security risk. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes user-provided Go code to generate tests. (1) Ingestion points: User-provided Go source code. (2) Boundary markers: No specific isolation markers or instructions are defined to separate user code from instructions. (3) Capability inventory: Includes the ability to execute shell commands (e.g.,
make lint). (4) Sanitization: No input validation or sanitization of the provided code is performed.
Audit Metadata