api-tester
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill is focused on legitimate API testing and automation tasks. No patterns of prompt injection, data exfiltration, or credential harvesting were found.
- [NO_CODE]: The skill consists only of documentation and code templates within the SKILL.md file; it does not include any executable scripts, binaries, or external dependencies.
- [PROMPT_INJECTION]: The skill contains a potential surface for indirect prompt injection as it processes external OpenAPI/Swagger files to generate code. 1. Ingestion points: OpenAPI/Swagger files via workflows. 2. Boundary markers: None identified. 3. Capability inventory: Generates test code in Python, Jest, and curl. 4. Sanitization: None identified. However, this is inherent to the tool's purpose and no malicious usage was observed.
Audit Metadata