generate-finalrun-test
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection as it is instructed to read and analyze application source code and existing project files to generate tests. Maliciously crafted content within the source code could potentially influence the agent's output or logic during the generation phase.
  - Ingestion points: Application source code and existing YAML files in the `.finalrun/` directory (SKILL.md).
  - Boundary markers: The instructions do not specify the use of delimiters or markers to isolate ingested code content from the agent's internal instructions.
  - Capability inventory: The skill possesses the capability to write and update YAML files and execute the `finalrun check` command.
  - Sanitization: No specific sanitization or validation of the ingested source code content is described prior to processing.
- [COMMAND_EXECUTION]: The skill requires the execution of the `finalrun check` CLI tool on the user's local path to validate generated test suites and environment configurations.
- [SAFE]: The skill implements proactive security measures for credential handling, explicitly instructing the agent to never hardcode secrets and to use the `${secrets.KEY}` syntax with shell environment variable placeholders.
Audit Metadata