minitest-coder
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is a coding assistant that can read user files and execute bash commands, which is a surface for instructions embedded in untrusted source code to influence agent behavior. 1. Ingestion points: File reading tools (Read, Grep, Glob). 2. Boundary markers: None specified. 3. Capability inventory: Powerful file modification (Write, Edit) and system access (Bash). 4. Sanitization: No input filtering logic provided.
- [Unverifiable Dependencies] (SAFE): The documentation mentions external CI/CD tools like Snyk and Codacy. These are examples for user reference and not executed by the skill itself.
- [Data Exposure] (SAFE): No credentials or sensitive data access patterns were found.
Audit Metadata