Skills
skills/levnikolaevich/claude-code-skills/ln-633-test-value-auditor/Gen Agent Trust Hub

ln-633-test-value-auditor

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes test files and metadata from the codebase it audits. This creates a surface for indirect prompt injection, where an attacker could embed malicious instructions in test descriptions or comments to influence the agent's behavior, especially given its access to shell tools.
  • Ingestion points: testFilesMetadata and test file contents read during the Parse Context and Calculate Scores workflows.
  • Boundary markers: The skill does not specify the use of delimiters or 'ignore' instructions when interpolating audited content into its reasoning process.
  • Capability inventory: The skill is allowed to use Bash, Read, Grep, and Glob tools.
  • Sanitization: There is no evidence of content sanitization or validation for the test data processed during the audit.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 8, 2026, 02:48 PM