skills/htlin222/dotfiles/sc-test/Gen Agent Trust Hub

sc-test

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill instructions explicitly authorize the use of Bash for test execution and setting up infrastructure, which provides a path for arbitrary command execution on the host.
  • [REMOTE_CODE_EXECUTION] (HIGH): The combination of 'Automatically fix failing tests' and 'Execute tests' creates a dangerous loop where the agent could be induced to generate and immediately run malicious code.
  • [PROMPT_INJECTION] (HIGH): Category 8 (Indirect Prompt Injection).
    • Ingestion points: The agent ingests test 'targets' and 'test results' from external sources.
    • Boundary markers: No delimiters or ignore-instructions are specified to protect the agent from embedded malicious content.
    • Capability inventory: The skill possesses high-privilege capabilities including file modification and shell execution.
    • Sanitization: No validation or sanitization of the code or commands being executed is described.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 05:21 AM