helpmetest

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFE
Flagged categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to navigate to and process content from external, untrusted websites during its discovery and enumeration phases. There are no explicit instructions or boundary markers to prevent the agent from following malicious directives that might be embedded in the HTML or content of the sites being tested.
      • Ingestion points: External URLs provided by the user in Phase 1 (Deep Discovery) and Phase 2 (Feature Enumeration).
      • Boundary markers: No delimiters or explicit "ignore embedded instructions" warnings are present when processing site content.
      • Capability inventory: Access to shell commands via git, and to test execution tools via mcp__helpmetest-*.
      • Sanitization: No explicit sanitization or filtering of site content is documented in the orchestration logic.
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands to gather project context, including git status --short and git diff --stat HEAD. It also requests running helpmetest updates --json in the background as a setup step, which is standard behavior for developer-focused tooling.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 9, 2026, 03:07 AM