property-based-test-generator

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE
Categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs widely-used testing libraries including hypothesis, pytest, fast-check, and QuickCheck using official package managers (pip, npm, cabal) from their respective public registries.
  • [COMMAND_EXECUTION]: The skill uses Bash to perform environment discovery (checking for configuration files like package.json or pytest.ini) and to execute package installation commands.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes external data:
      • Ingestion points: Reads source code and configuration files via the Read and Glob tools to identify testing requirements and function properties.
      • Boundary markers: There are no explicit instructions or delimiters defined to prevent the agent from following malicious instructions hidden in code comments or strings within the files it reads.
      • Capability inventory: The agent has access to Bash (command execution) and Write (file creation) tools which could be targeted by an injection attack.
      • Sanitization: No explicit sanitization or filtering is performed on the content ingested from the project files before it influences the generated output or shell commands.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 7, 2026, 09:43 AM