qa
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest external specification and context files, creating a surface for potential instruction injection if those documents are compromised.
- Ingestion points: Reads project-specific data from
docs/dev/[feature-name]/SPEC.mdanddocs/dev/[feature-name]/CONTEXT.mdas specified inSKILL.md. - Boundary markers: Absent; the instructions do not provide delimiters or warnings for the agent to distinguish between data and instructions within those files.
- Capability inventory: The skill generates file-system artifacts (
TEST_PLAN.md) and produces automated test code inSKILL.md. - Sanitization: No validation or sanitization of external content is defined before the agent processes it.
- Dynamic Execution (LOW): The skill generates automated test scripts using frameworks like Vitest, Jest, and PyTest based on project specifications. This is a core functional feature but involves creating executable content from external inputs.
Audit Metadata