faion-testing-developer

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • External Downloads (LOW): The skill documentation and checklists instruct the agent to install various testing packages via pip, npm, and Go module commands. All referenced packages (e.g., pytest, playwright, testify, testcontainers) are reputable, standard industry tools from trusted registries like PyPI and npm.
  • Command Execution (SAFE): The skill makes extensive use of shell commands to run test suites (e.g., npx playwright test, go test -race). These commands are standard for development environments and are limited to the skill's primary purpose of software testing and validation.
  • Indirect Prompt Injection (LOW): The skill is vulnerable to indirect prompt injection as it is designed to read and analyze arbitrary project files to determine testing context.
    • Ingestion points: Reads project configuration (package.json, pyproject.toml) and source code through Read, Glob, and Grep tools.
    • Boundary markers: The provided LLM prompts for test generation do not include specific delimiters or instructions to ignore embedded malicious instructions in the code being analyzed.
    • Capability inventory: The skill has powerful capabilities including Bash execution and the ability to Write/Edit files, which could be exploited if malicious code influences the model's output.
    • Sanitization: No explicit sanitization or safety checks for the content of ingested files are implemented in the skill's logic.
  • Dynamic Execution (LOW): The skill automates the generation and execution of test scripts. This follows the standard 'script generation from templates' pattern, which is considered low risk when used for its intended development purpose.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:28 PM