generate-tests

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its core workflow of reading markdown specifications to scaffold test files. Maliciously crafted documentation could potentially influence the agent to generate unintended code or perform unauthorized actions.
      • Ingestion points: Documentation files under docs/test-specs/ are read using the Read and Grep tools.
      • Boundary markers: The skill does not employ delimiters or specific instructions to ensure the agent ignores any commands embedded within the documentation content.
      • Capability inventory: The skill is granted access to Write, Edit, and Bash, providing significant authority to modify the repository and execute system commands.
      • Sanitization: Content extracted from the specifications is used directly in templates without validation or sanitization to prevent code injection or logic manipulation.
  • [COMMAND_EXECUTION]: The skill has access to the Bash tool. Although intended for search and pattern matching tasks (Grep and Glob), the broad availability of a shell environment is a high-privilege capability that increases the risk profile when processing external input.
  • [SAFE]: No hardcoded credentials, data exfiltration patterns, or unauthorized remote code downloads were detected. The provided templates for C# and TypeScript use legitimate libraries and follow established software testing patterns.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 28, 2026, 05:00 AM