testing
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface.\n
- Ingestion points: User-provided feature names and test case descriptions are directly interpolated into the task instructions for sub-agents (unit-test-writer, integration-test-writer, e2e-test-writer) in SKILL.md (Step 4).\n
- Boundary markers: There are no protective delimiters (e.g., XML tags) or "ignore embedded instructions" directives around the user-provided data to prevent them from overriding agent behavior.\n
- Capability inventory: The specialist sub-agents have the capability to write code files and execute local shell commands like pnpm and vitest.\n
- Sanitization: No input validation or escaping is applied to the user-controlled strings before they are used to form prompts for the writer agents.\n- [COMMAND_EXECUTION]: The skill performs local command execution via "pnpm vitest run" to verify test results. While appropriate for a test runner, this execution happens in the user's environment.
Audit Metadata