vitest-test-creator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Prompt Injection] (SAFE): No instructions attempting to override agent behavior or safety guidelines were detected in the skill markdown.- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network operations detected.- [Unverifiable Dependencies & RCE] (SAFE): No remote scripts or external package installations are defined in the skill content.- [Indirect Prompt Injection] (LOW): This skill presents an attack surface where instructions embedded in source code could influence the agent during test generation. Evidence Chain: 1. Ingestion point: User-provided source code (implied by Vitest task context). 2. Boundary markers: Absent in the skill instructions. 3. Capability inventory: Read, Write, Edit, Bash, Grep (defined in allowed-tools). 4. Sanitization: Absent.
Audit Metadata