go-test-expert
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): The instructions follow standard formatting and do not contain any bypass attempts, role-play injections, or commands to ignore previous rules.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file paths or hardcoded credentials were detected. References to network listeners are limited to the local loopback address (127.0.0.1) for testing handlers.
- [Command Execution] (SAFE): The skill utilizes
run_shell_commandto execute Go's native testing toolchain (go test -benchandgo test -fuzz). This is consistent with the primary purpose of a Go testing expert and does not indicate malicious intent. - [Indirect Prompt Injection] (LOW): The skill operates by running tests on user-provided Go code. This creates a surface where a malicious Go file could include code in a test function or
init()block that executes during the testing phase. - Ingestion points: User-provided Go source and test files processed by
verify_testsorrun_shell_command. - Boundary markers: Absent; the skill does not specify delimiters for the code being tested.
- Capability inventory: Includes the ability to execute shell commands and build/verify binaries.
- Sanitization: No explicit sanitization or static analysis of the user's Go code is performed before execution.
Audit Metadata