ln-630-test-auditor
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection due to its handling of untrusted codebase data during the audit process.
- Ingestion points: Phase 1 uses Glob and Read tools to discover and parse content from test files (e.g., **/.test., **/.spec.) across the repository.
- Boundary markers: The skill does not implement specific delimiters or instructions to ignore embedded directives when passing discovered test content to sub-agents in Phase 4.
- Capability inventory: The agent has access to Bash (directory management), Skill (task delegation), and file system access (Read, Grep, Glob) within the project directory.
- Sanitization: There is no evidence of content sanitization or validation performed on the codebase files before they are aggregated or analyzed.
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool for routine file system maintenance tasks.
- Evidence: Phase 3 employs mkdir -p to create an output directory, and Phase 7 uses rm -rf for the cleanup of temporary worker files.
- Context: These commands are restricted to the docs/project/.audit/ directory and are standard operations for managing the lifecycle of an audit report.
Audit Metadata