RSpec Test Framework

Fail

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: HIGH
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The run-test.rb script is vulnerable to shell command injection. The --file argument is interpolated directly into a shell command string passed to system() without any sanitization or escaping.
  • Evidence: In run-test.rb, the line result = system("rspec #{options[:file]} --format json") allows an attacker to append commands using shell metacharacters (e.g., ;, &, |).
  • [REMOTE_CODE_EXECUTION] (HIGH): The generate-test.rb script allows for Ruby code injection. It takes the --description and --source inputs and interpolates them directly into a Ruby code template, which is then written to a file and subsequently executed by the runner.
  • Evidence: In generate-test.rb, the template variable uses #{options[:description]} and #{options[:source]} inside a heredoc. A malicious description like ' do system('id'); end # would result in the execution of the injected Ruby code when the test file is run.
  • [Indirect Prompt Injection] (LOW): The skill creates a significant attack surface by taking user-supplied strings and placing them into executable contexts. If the agent populates these fields using untrusted data (like a user's request or a website's content), it leads to indirect injection.
  • Ingestion points: options[:description] and options[:source] in generate-test.rb; options[:file] in run-test.rb.
  • Boundary markers: None present. Input is treated as trusted data.
  • Capability inventory: File.write (to create scripts) and system() (to execute commands).
  • Sanitization: None. No escaping or validation is performed on the input strings before they are used in file generation or shell commands.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 21, 2026, 10:22 AM