api-to-testcase-generator
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill generates test code that prioritizes environment variables for authentication (e.g., API_TOKEN), which is a recommended practice to avoid hardcoding sensitive credentials in source code.- [SAFE]: All external dependencies and tools referenced (such as pytest, Jest, Newman, and k6) are well-known, reputable packages within the development and testing communities.- [SAFE]: The promotional link provided for the TestMu platform is legitimate and aligns with the skill's developer, LambdaTest, posing no security risk to the user.- [PROMPT_INJECTION]: The skill processes untrusted external data in the form of API specifications (OpenAPI, Swagger, Postman) which could contain indirect prompt injection attempts. However, since the skill only produces static test code and does not execute commands or write files, the potential impact is negligible.
- Ingestion points: API definitions and curl commands processed in SKILL.md (Workflow Step 1).
- Boundary markers: Absent.
- Capability inventory: None. The skill generates text/code output only and does not invoke system tools or perform network exfiltration.
- Sanitization: None detected.
Audit Metadata