test-setup-async
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation recommends the installation of pytest-asyncio, which is a well-known and trusted library for testing asynchronous Python code.
- [COMMAND_EXECUTION]: The skill provides Python scripts (validate_async_tests.py, convert_to_async.py, generate_async_fixture.py) that perform file system operations such as reading and writing Python test files using the ast and pathlib modules. These scripts are designed to automate test validation and migration tasks.
- [PROMPT_INJECTION]: The automation scripts process external Python files, which creates a theoretical surface for indirect prompt injection if those files contain malicious instructions in comments or docstrings.
- Ingestion points: Local Python files are read via the open() function in the scripts/validate_async_tests.py and scripts/convert_to_async.py scripts.
- Boundary markers: No explicit boundary markers or instruction-ignore directives are used when processing the content of the files.
- Capability inventory: The skill has access to the Bash tool and performs file read/write operations.
- Sanitization: Content is parsed into an Abstract Syntax Tree (AST) but the text within nodes is not sanitized against natural language instructions.
Audit Metadata