Skills
skills/fortiumpartners/ai-mesh/xUnit Test Framework/Gen Agent Trust Hub

xUnit Test Framework

Warn

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
  • [Dynamic Execution] (MEDIUM): The file generate-test.cs creates a new C# source file by interpolating user-provided arguments (--source and --description) directly into a code template. This generated code is intended to be executed immediately via dotnet test.
  • [Command Execution] (MEDIUM): The script run-test.sh executes dotnet test on a file path provided via command line arguments. Although the variable is quoted, the execution of dynamically generated code is a high-risk pattern.
  • [Indirect Prompt Injection] (LOW): The skill possesses an attack surface where untrusted data (descriptions or filenames) could influence executable code generation.
  • Ingestion points: Command line arguments in generate-test.cs and run-test.sh.
  • Boundary markers: Absent; user input is interpolated directly into strings.
  • Capability inventory: File writing (File.WriteAllText) and shell command execution (dotnet test).
  • Sanitization: Minimal; only spaces are replaced in the test method name, which does not prevent C# code injection or path traversal via the source/output arguments.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 21, 2026, 10:22 AM