writing-vitest-tests

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
  • [PROMPT_INJECTION] (HIGH): The skill is designed to ingest and modify untrusted external codebases for test generation.
      1. Ingestion points: Source code and test files within the target project (SKILL.md).
      2. Boundary markers: No delimiters or ignore instructions provided for external content.
      3. Capability inventory: Uses 'Write', 'Edit', and 'Bash' tools (SKILL.md).
      4. Sanitization: No logic to filter instructions embedded in processed files.
    An attacker could embed malicious prompts in the code that the agent then processes with high-privilege tools.
  • [COMMAND_EXECUTION] (MEDIUM): The skill enables the 'Bash' tool to execute test commands (e.g., 'vitest -u'). This capability provides an execution vector if the agent is manipulated by instructions found in untrusted project files.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 07:55 AM