skill-ab
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local JavaScript file (
ab-test.mjs) via Node.js to manage testing comparisons.\n- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection by processing external file paths and outputting results without summarization or modification.\n - Ingestion points: The
version-b-pathargument in the command interface.\n - Boundary markers: No delimiters or instructions to disregard embedded commands are included.\n
- Capability inventory: The skill can execute code via Node.js and access the local filesystem through provided arguments.\n
- Sanitization: No sanitization or path validation is specified within the skill metadata.
Audit Metadata