test-fixing
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes 'make test' and 'uv run pytest' to identify failing tests and verify fixes. This is the intended primary purpose of the skill and occurs within the user's local development environment.
- [DATA_EXFILTRATION] (SAFE): No network requests or patterns indicating data exfiltration were found. Data access is limited to the project's source code and test outputs.
- [PROMPT_INJECTION] (SAFE): The instructions provide a systematic approach to debugging and do not contain attempts to override agent safety constraints or extract system prompts.
- [INDIRECT_PROMPT_INJECTION] (SAFE): The skill processes data from test outputs and git diffs, which are potential surfaces for indirect injection. However, this risk is managed through the skill's specific focus on code analysis. Evidence Chain: 1. Ingestion points: Test outputs from pytest and make, and git diff results. 2. Boundary markers: No explicit delimiters are used in the prompt instructions. 3. Capability inventory: Local command execution and file modification. 4. Sanitization: No explicit sanitization of test output is mentioned before the agent analyzes it.
Audit Metadata