test-generation
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill involves executing shell commands like 'npm test' to verify the functionality of generated code. This is an expected behavior for a tool designed for test engineering and TDD workflows.
- [PROMPT_INJECTION]: The skill provides a surface for indirect prompt injection by generating and running code based on user-provided feature descriptions.
- Ingestion points: User-provided feature requirements and behavior specifications (SKILL.md, Step 1).
- Boundary markers: No explicit delimiters or boundary markers are defined for the requirements input.
- Capability inventory: The skill uses 'npm test' to execute generated code (SKILL.md, Step 5).
- Sanitization: The skill does not describe any sanitization or validation of the input requirements before processing.
Audit Metadata