api-testing-observability-api-mock
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Prompt Injection (SAFE): No direct instructions to override safety guidelines or ignore system prompts were found within the skill file.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials, sensitive file access, or unauthorized network operations were detected. The skill explicitly instructs to avoid using production secrets in mocks.
- Indirect Prompt Injection (LOW): The skill is designed to ingest external data to generate API mocks, creating a surface for indirect injection. 1. Ingestion points: External data is processed via the $ARGUMENTS placeholder in SKILL.md. 2. Boundary markers: No delimiters or instructions to ignore embedded commands are present for the ingested data. 3. Capability inventory: The skill generates documentation and mock implementation code. 4. Sanitization: No sanitization or validation of the input data is performed.
- Unverifiable Dependencies & Remote Code Execution (SAFE): No external packages or remote scripts are downloaded or executed.
Audit Metadata