test-fixing
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill directs the agent to run `make test` and `uv run pytest`. These commands execute arbitrary code defined in the local repository's Makefile or test suite. If an adversary controls the project source (e.g., via a malicious PR), this leads to immediate code execution on the host machine.
- [PROMPT_INJECTION] (HIGH): The skill is highly vulnerable to indirect prompt injection (Category 8). Ingestion points: Test failure messages from `make test` output and code diffs via `git diff`. Boundary markers: Absent. The skill relies on natural language analysis of raw output to determine next actions. Capability inventory: Filesystem modification using the 'Edit tool' and arbitrary command execution. Sanitization: Absent. An attacker could embed malicious instructions inside a failing test's error message to trick the agent into deleting files, exfiltrating data, or inserting backdoors during the 'fixing' process.
Recommendations
- AI detected serious security threats
Audit Metadata