jest-rtl-testing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill explicitly instructs the agent to check for an 'AGENTS.md' file and follow its testing section rules with the 'highest priority'. This creates a vulnerability surface where an attacker who can modify this local file could override the agent's behavior.\n
- Ingestion points: Local 'AGENTS.md' file.\n
- Boundary markers: None. The instructions do not specify any delimiters or warnings to ignore malicious instructions within the ingested file.\n
- Capability inventory: While the skill itself has no executable capabilities (No Code), it influences the agent's logic during test creation and debugging, which often involves write access to the filesystem.\n
- Sanitization: No sanitization or validation of the 'AGENTS.md' content is performed.\n- No Code (SAFE): The skill consists entirely of Markdown files (.md). No executable scripts, binaries, or configuration files (like package.json or requirements.txt) are included.
Audit Metadata