reviewing-test-quality
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill has an ingestion surface as it is designed to analyze external code files using 'Read' and 'Grep' tools. However, the risk is negligible due to the lack of dangerous capabilities.
- Ingestion points: Local project files accessed via Read and Grep.
- Boundary markers: Not explicitly defined in the instructions.
- Capability inventory: The skill is restricted to passive discovery (Read and Grep); it lacks write access, network connectivity, or command execution capabilities.
- Sanitization: No sanitization of ingested content is performed, but no active tools exist to exploit injected instructions.
- Conclusion: The skill's design follows a 'read-only' review pattern, making it safe for its intended use case.
Audit Metadata