dust-test
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [Prompt Injection] (LOW): The skill requires the agent to read and analyze local codebase files to generate appropriate tests, which constitutes a surface for indirect prompt injection. 1. Ingestion points: The skill instructs the agent to read source files to understand purpose and exports. 2. Boundary markers: None are present to distinguish between legitimate code and potential malicious instructions embedded within those files. 3. Capability inventory: The skill generates code and includes a step for executing npm test via a subprocess. 4. Sanitization: No sanitization or validation of input file content is defined.
- [Command Execution] (SAFE): The skill provides an execution step to run npm test. This is a standard development procedure and is considered safe as it is part of the expected verification workflow for the generated code.
Audit Metadata