ln-634-test-coverage-auditor
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it reads and processes external data from production source code and test files. Maliciously crafted instructions hidden within comments or strings in the audited files could attempt to influence the agent's behavior during the analysis. \n
- Ingestion points: Codebase files accessed via the Read, Grep, and Glob tools during workflow steps 2 and 3 and Audit Rule 1. \n
- Boundary markers: No explicit delimiters or instructions to ignore instructions embedded in source data are utilized when processing file contents. \n
- Capability inventory: The skill uses Bash, Read, Grep, and Glob to interact with the file system and performs a single file write operation to record its findings. \n
- Sanitization: No sanitization or validation of the extracted code content is performed before it is processed by the agent.\n- [COMMAND_EXECUTION]: The skill is explicitly granted access to the Bash tool to execute Grep and Glob operations. While this is necessary for its primary function as a coverage auditor, the Bash tool provides a broad range of system capabilities that should be monitored.
Audit Metadata