uloop-run-tests
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes the 'uloop' command-line utility to execute Unity tests. This tool is a resource provided by the author to facilitate test automation and result retrieval.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by instructing the agent to read and analyze NUnit XML files containing test failure messages and stack traces. These files contain content that could be generated by external or untrusted code being tested, potentially influencing the agent's diagnostic logic.
- Ingestion points: XML result files located at '{project_root}/.uloop/outputs/TestResults/.xml'.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are provided when the agent is directed to read the XML content.
- Capability inventory: The skill executes the 'uloop' CLI and accesses the local filesystem to read test results.
- Sanitization: There is no evidence of sanitization, validation, or filtering of the error messages or stack traces before they are presented to the agent.
Audit Metadata