Skills
skills/laurigates/claude-plugins/configure-tests/Gen Agent Trust Hub

configure-tests

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses Bash to perform environment discovery using find and grep to identify project configuration files and test directories. It also invokes package managers (npm, uv, cargo) to install testing dependencies.
  • [EXTERNAL_DOWNLOADS]: The skill retrieves version information from official project websites and installs standard testing libraries (e.g., Vitest, Jest, pytest, cargo-nextest) from trusted registries (npm, PyPI, Crates.io). All external URLs and resources belong to well-known technology organizations.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes file contents from the project directory to guide its configuration actions.
  • Ingestion points: reads from package.json, pyproject.toml, Cargo.toml, and identified test configuration files.
  • Boundary markers: no explicit delimiters or instructions to ignore embedded content are used during file ingestion.
  • Capability inventory: includes file modification (Write, Edit) and system command execution (Bash).
  • Sanitization: no explicit sanitization or validation of the ingested file contents is performed before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 12:56 PM