ab-testing
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of a local Python script `scripts/validate_ab_testing_contract.py` to validate the structure and content of A/B testing manifests. The script uses standard libraries and does not perform any risky operations like network access or dynamic code evaluation.
- [PROMPT_INJECTION]: The skill has a vulnerability surface for indirect prompt injection through its manifest processing workflow.
  - Ingestion points: The `validate_ab_testing_contract.py` script and the associated workflow ingest JSON manifest files (e.g., `assets/ab-pln-manifest.valid.json`) containing natural language fields such as `decision_question`, `interpretation`, and `follow_up_actions`.
  - Boundary markers: Absent. There are no explicit delimiters or instructions provided to the agent to disregard potential instructions embedded within the manifest fields.
  - Capability inventory: The skill includes command execution capabilities via a local Python validation script.
  - Sanitization: The validation script focuses on structural integrity and data types but lacks sanitization or escaping of natural language content to prevent adversarial instruction following.
Audit Metadata