The Agent Skills Directory

[DATA_EXFILTRATION] (LOW): The skill reads local source files (e.g., src/utils.ts, src/new-feature.ts) and transmits their content to the Google Gemini API. While Google is a trusted external source, users should be aware that proprietary code is being sent to an external LLM.
[PROMPT_INJECTION] (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8) due to its handling of local file data. Evidence: 1. Ingestion points: Reads content from src/utils.ts, src/new-feature.ts, and git diff output. 2. Boundary markers: Absent; the skill interpolates shell variables directly into the prompt strings without delimiters. 3. Capability inventory: Includes file-system writing (>), network transmission (gemini), and arbitrary code execution via test runners (npx jest, npx vitest). 4. Sanitization: Absent; the skill does not filter or escape content read from local files before sending it to the LLM.
[EXTERNAL_DOWNLOADS] (LOW): The skill requires the installation of several Python and Node.js packages (e.g., google-generativeai, jest, mocha). These are well-known packages from trusted organizations (Google, OpenJS Foundation) and are downgraded to LOW per the [TRUST-SCOPE-RULE].

testgen