go-test-generator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill provides a surface for indirect prompt injection as it is designed to ingest and process untrusted code (Go files/test requests) while having access to sensitive tools.
- Ingestion points: User requests and code provided for test generation.
- Boundary markers: Absent; no instructions provided to the agent to ignore instructions embedded within the data it processes.
- Capability inventory: Includes
Bash,Write,Edit,Read, andGrep, which allow for significant system interaction if an injection is successful. - Sanitization: No sanitization or validation logic is defined in the instruction set.
- [No Executable Code] (SAFE): The provided skill consists only of a markdown file (
SKILL.md) with metadata and documentation. No companion scripts (.py, .js, .sh) or binaries were included in the package.
Audit Metadata