verify
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill identifies and runs local automated tests using frameworks such as Vitest, Jest, or Pytest. This is the intended primary function for verifying code behavior.
- [PROMPT_INJECTION]: The skill processes local artifacts (Gherkin files, proposals, and source code) as input for subagents. While this presents an indirect prompt injection surface, it is a standard requirement for verification and code-review tasks.
- Ingestion points: Reads files in beat/changes/, Gherkin features, and project source code.
- Boundary markers: Artifact content is passed to subagents without explicit delimiters or warnings in the dispatcher logic.
- Capability inventory: Subagent dispatch, file system reads, and execution of local test commands.
- Sanitization: No sanitization is performed on ingested files prior to their use in subagent prompts.
Audit Metadata