ln-633-test-value-auditor
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it instructs the agent to ingest and analyze untrusted test code from the local filesystem.
- Ingestion points: Reads and parses test files identified in the
testFilesMetadatawithin thecontextStore(Workflow step 2 and Audit Rule 1). - Boundary markers: The skill does not define delimiters or specific instructions to the agent to ignore potentially malicious instructions embedded within the test files being audited.
- Capability inventory: The skill utilizes
Read,Grep,Glob, andBashtools, which could be abused if an attacker-controlled test file successfully influences the agent's behavior. - Sanitization: No explicit sanitization, escaping, or validation of the content of the test files is mandated before the agent processes them.
- [EXTERNAL_DOWNLOADS]: Fetches markdown templates and reference contracts from the developer's official GitHub repository (
github.com/levnikolaevich/claude-code-skills) when the localshared/directory is missing. These resources are used for context and reporting templates rather than direct execution.
Audit Metadata