run-smoke-tests
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill in 'SKILL.md' is susceptible to indirect prompt injection because it processes external test logs and traces to perform debugging.
- Ingestion points: Test traces and logs are analyzed in the 'Workflow' section.
- Boundary markers: No explicit markers are present to prevent the agent from being influenced by instructions hidden in test output.
- Capability inventory: The skill can execute shell commands via
npmand modify source files. - Sanitization: There is no defined sanitization for test output data.
- [COMMAND_EXECUTION]: The skill uses shell commands like
npm run smoketestin 'SKILL.md' to perform its core functionality of running tests.
Audit Metadata