Skills
skills/duc01226/easyplatform/update-tests/Gen Agent Trust Hub

update-tests

Warn

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill interpolates user-controlled variables {FeatureName} and {base} directly into shell commands such as git diff, git show, and grep. This creates a command injection vulnerability if malicious strings are supplied via the --since argument or the .last-sync metadata file.
  • [COMMAND_EXECUTION]: The {FeatureName} parameter is used to construct file paths without validation, which could enable path traversal attacks to read or write files outside the intended directory.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by reading feature documentation to determine how to generate or modify test code. Adversarial instructions embedded in the documentation could manipulate the agent's output.
  • Ingestion points: docs/test-specs/{FeatureName}/README.md and .last-sync.
  • Boundary markers: Absent; the skill does not use delimiters or warnings to ignore instructions within the documentation.
  • Capability inventory: Bash (git), Write/Edit (file updates).
  • Sanitization: Absent; documentation content is not sanitized or validated before being used to influence code generation.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 28, 2026, 05:00 AM