tasks-test-generation
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool for grep-based searches to identify existing code patterns. This is a legitimate development use case and does not involve downloading or executing untrusted remote code.\n- [INDIRECT_PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection because it reads external source files to generate tests.\n
- Ingestion points: Reads local C# (.cs), TypeScript (.ts), and Markdown (.md) files from the user's repository.\n
- Boundary markers: No specific delimiters or instructions (e.g., XML tags or "ignore embedded instructions" headers) are specified for the ingested content.\n
- Capability inventory: The agent has access to Read, Write, Edit, Grep, Glob, and Bash tools, allowing for potential manipulation of the local file system or repository.\n
- Sanitization: No explicit sanitization, filtering, or validation steps are defined for the content extracted from processed files.
Audit Metadata