skills/jeremylongshore/claude-code-plugins-plus-skills/running-integration-tests/Gen Agent Trust Hub
running-integration-tests
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell scripts (setup_test_environment.sh, run_tests.sh, cleanup_test_environment.sh) and a Python script (report_generator.py) to manage the integration testing process. Tool usage is restricted to the 'test:integration-*' bash pattern.
- [PROMPT_INJECTION]: The skill processes untrusted input from external files, creating an attack surface for indirect prompt injection. 1. Ingestion points: {baseDir}/config/ files and test output streams. 2. Boundary markers: Absent in instructions. 3. Capability inventory: Bash, Write, and Edit tools. 4. Sanitization: No explicit validation or filtering of ingested data is described in the instructions.
Audit Metadata