ln-632-test-e2e-priority-auditor
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill workflow is strictly limited to code auditing and reporting. No malicious behaviors or patterns were identified.
- [COMMAND_EXECUTION]: The skill utilizes Bash, Grep, and Glob to scan the local codebase for specific keywords related to business logic. These operations are used for pattern matching and do not involve the execution of untrusted external scripts.
- [DATA_EXPOSURE]: The skill reads codebase metadata to identify coverage for sensitive areas like 'auth' and 'payment'. This information is used only to generate a local compliance report and is not exfiltrated.
- [PROMPT_INJECTION]: The skill processes external codebase data. 1. Ingestion points: codebase_root and testFilesMetadata. 2. Boundary markers: None. 3. Capability inventory: Bash, Grep, Glob, Read. 4. Sanitization: Not specified. While this presents a potential surface for indirect injection via malformed code or filenames, the skill's logic is restricted to non-executive reporting.
Audit Metadata