Skills
skills/fortiumpartners/ai-mesh/Test Framework Detector/Gen Agent Trust Hub

Test Framework Detector

Pass

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes untrusted project content to identify frameworks. \n
  • Ingestion points: detect-framework.js reads project files via fs.readFile and glob. \n
  • Boundary markers: Absent. No delimiters or warnings are provided to the agent regarding the source of the data. \n
  • Capability inventory: Limited to file system read access; no command execution or network operations are present in the scripts. \n
  • Sanitization: Uses JSON.parse and regex for specific field extraction, but malicious content in project files could influence the agent's downstream decisions if the output is trusted blindly. \n- [COMMAND_EXECUTION] (SAFE): The detect-framework.js script performs static analysis and does not spawn sub-processes or execute shell commands.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 21, 2026, 10:23 AM