Skills
skills/dawiddutoit/custom-claude/java-test-generator/Gen Agent Trust Hub

java-test-generator

Pass

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through its analysis of external source code.
  • Ingestion points: The agent reads and processes .java source files using the Read and Grep tools.
  • Boundary markers: The instructions do not define delimiters or specific warnings to the agent to disregard potential instructions embedded within the Java code or comments.
  • Capability inventory: The skill possesses the Write tool to create new files and the Bash tool to execute system commands.
  • Sanitization: No sanitization or validation logic is applied to the source code input before it is analyzed by the agent.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute Maven and Gradle test commands. While appropriate for the skill's primary purpose of test generation and execution, it represents a capability that could be targeted by indirect injection.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 24, 2026, 05:23 PM