python-testing

Pass

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: SAFE
Full Analysis
  • [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or sensitive file paths were found. The skill explicitly promotes the use of mocking for external dependencies like APIs and databases to avoid real network or database interaction during tests.
  • [Remote Code Execution] (SAFE): The skill does not contain instructions to download or execute external scripts. It relies on standard, well-known Python testing libraries.
  • [Prompt Injection] (SAFE): The instructions are focused on testing logic and do not contain any attempts to bypass safety filters, extract system prompts, or override agent behavior.
  • [Indirect Prompt Injection] (LOW): The skill reads project source code to generate corresponding test files. This is a standard code-generation workflow, though it technically creates a surface where adversarial content in the source files could influence the generated tests.
      • Ingestion points: Uses Read, Grep, and Glob tools to analyze source files in the src/ directory.
      • Boundary markers: No specific boundary markers or 'ignore' instructions for analyzed code are present in the templates.
      • Capability inventory: The skill utilizes Write and Edit tools to create test files in the tests/ directory.
      • Sanitization: No sanitization of the analyzed source code is performed before it is used to inform the generated test content.
  • [Persistence & Privilege Escalation] (SAFE): No commands related to system persistence (e.g., crontab, shell profiles) or privilege escalation (e.g., sudo) are present.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 22, 2026, 04:10 PM