exp-test-smell-detection
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFE
Full Analysis
- [Data Processing]: The skill is designed to read and analyze user-provided source code to identify design flaws. The analysis is observational: the code is read, not executed, which aligns with standard security practices for static analysis tools.
- [Indirect Prompt Injection Surface]: As with any tool that processes external source code, there is an inherent surface for indirect prompt injection where instructions hidden in code comments or string literals could attempt to influence the agent's summary or report. The skill's focus on structured reporting and the absence of high-privilege tool access limits the potential impact of such patterns.
- [External Research Integration]: The skill utilizes a taxonomy and data derived from testsmells.org, a research project associated with the Rochester Institute of Technology. This provides a formal, research-backed framework for the provided functionality.