unit-testing
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (HIGH): Automated scanner URLite flagged the internal reference file 'sql.md' as a blacklisted malicious URL. As this file is a mandatory reference for SQL unit testing, its presence indicates a high risk that the skill depends on or executes malicious payloads.
- [PROMPT_INJECTION] (HIGH): Category 8 (Indirect Prompt Injection): The skill is designed to ingest and analyze untrusted user-provided code without isolation.
  - Ingestion points: Processes user-provided code snippets to write or verify unit tests.
  - Boundary markers: Absent; the instructions do not require the agent to wrap user code in delimiters or to ignore instructions found in code comments.
  - Capability inventory: The skill claims to 'verify code still works,' which implies the agent has the capability to execute code via subprocesses to run test suites.
  - Sanitization: Absent; no escaping or sanitization of input code is performed before it is analyzed and potentially executed.
- [COMMAND_EXECUTION] (LOW): The skill provides support for testing system-level tools such as Bash, Ansible, and Kubernetes, which are inherently high-privilege environments, though no direct command injection was observed in the primary SKILL.md file.
Recommendations
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata