test-gen
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes source code to generate test logic without using boundary markers or sanitization, creating an attack surface where malicious code could influence agent behavior.
  - Ingestion points: Source code files are read into the agent context using the Read, Grep, and Glob tools.
  - Boundary markers: Absent. The instructions do not provide delimiters or specific warnings to the agent to ignore instructions embedded within the analyzed code.
  - Capability inventory: The skill has access to Bash (executing 'uv run pytest'), Write, and Edit tools.
  - Sanitization: None. Content from source files is used to determine the structure and content of generated test files without validation.
- Dynamic Execution (LOW): The skill generates Python script files from templates and immediately executes them using 'uv run pytest'. While this is the primary purpose of the skill, it involves the execution of code generated from potentially untrusted inputs.