hybrid-cloud-test-gen
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is authored by 'getsentry' and is strictly scoped to generating testing infrastructure for Sentry's hybrid cloud architecture.
- [SAFE]: All external references and domains, such as `sentry.io` and internal mock addresses (e.g., `http://us.internal.sentry.io`), are valid vendor resources for the stated purpose.
- [COMMAND_EXECUTION]: The skill includes instructions to run `pytest` for local validation of the generated tests, which is standard developer practice and does not involve unauthorized privilege escalation.
- [DATA_EXFILTRATION]: No exfiltration patterns or suspicious network calls were identified. The network operations described in the templates are mocks (using the `responses` library) for testing API gateway behavior.
- [INDIRECT_PROMPT_INJECTION]: The skill processes local source code to gather context for test generation. While it lacks explicit sanitization or boundary markers for this untrusted input, the risk is inherent to the functional requirement of a coding assistant and is not indicative of malicious intent.
  - Ingestion points: Local source code files and existing test files in the Sentry repository.
  - Boundary markers: None explicitly defined for source code ingestion.
  - Capability inventory: The skill generates code for the user to review/add; it does not contain built-in scripts to execute arbitrary host commands or network operations.
  - Sanitization: No specific sanitization logic for external source code is described.
Audit Metadata