generate-tests

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • Indirect Prompt Injection (HIGH): The workflow ingests external data (user requests and existing code via serena_find_file) and uses it to generate test files.
      • Ingestion points: User prompts and codebase files.
      • Boundary markers: None.
      • Capability inventory: Writing code and immediate execution via laravel_boost_run_test.
      • Sanitization: No validation or sanitization of the generated code is mentioned before execution.
  • Command Execution (HIGH): The recommended workflow includes laravel_boost_run_test to run generated files immediately. If an attacker poisons the codebase or the prompt, the agent could generate and execute arbitrary system commands disguised as tests within the environment.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 05:44 AM