finalrun-generate-test
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection during the analysis of application source code. Malicious instructions embedded in the code being tested could influence the agent's logic during the test planning or upload process.
- Ingestion points: The agent reads and analyzes source files during Step 1 (Analyze the Feature).
- Boundary markers: No delimiters or instructions are provided to help the agent distinguish between code and embedded commands.
- Capability inventory: The agent can create tests, folders, and suites using the vendor-provided MCP tools.
- Sanitization: No sanitization or validation of source code content is performed before it is processed into test logic.
Audit Metadata