pst-run
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: A comprehensive analysis of the skill's logic and commands revealed no patterns of malicious intent, unauthorized data access, or code obfuscation.
- [DATA_EXPOSURE]: The skill references and manages files within a project-local directory (
.pst/sessions/). This activity is consistent with its stated purpose of managing test sessions and does not involve accessing sensitive system credentials or private keys. - [COMMAND_EXECUTION]: The skill functions as a coordinator, invoking other internal skills (
pst-explore,pst-plan, etc.) in a controlled sequence. It does not directly execute arbitrary shell commands or external scripts. - [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it processes untrusted user-provided test documentation.
- Ingestion points: User-provided test case documentation (SKILL.md).
- Boundary markers: Absent; the documentation is passed directly to sub-skills.
- Capability inventory: Orchestrates sub-skills for test exploration, planning, and debugging.
- Sanitization: No explicit sanitization or escaping of the user input is performed.
- Note: Despite this surface, the skill is assessed as safe because it includes a mandatory human-in-the-loop confirmation step in the planning phase (Step 3), ensuring user oversight before the pipeline progresses.
Audit Metadata