Skills
skills/garden-co/jazz/jazz-testing/Gen Agent Trust Hub

jazz-testing

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill documentation in SKILL.md instructs the agent to load and analyze content from external URLs including https://github.com/garden-co/jazz and https://jazz.tools. These sources are not included in the pre-approved trusted organizations list, making the remote content technically unverifiable.
  • PROMPT_INJECTION (LOW): An indirect prompt injection surface (Vector 8c) is present in references/jazz.svelte.ts via the InviteListener class. This class monitors window.location for invite links, allowing untrusted external data to enter the agent's context during UI testing or debugging. Evidence: 1. Ingestion point: window.location hash in references/jazz.svelte.ts. 2. Boundary markers: Absent. 3. Capability inventory: Agent performs reasoning and verification of UI states and security logic as described in SKILL.md. 4. Sanitization: Delegated to the framework function consumeInviteLinkFromWindowLocation.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 16, 2026, 08:41 AM