test-runner

Warn

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill defines shell command templates that incorporate a user-provided 'scope' parameter. The documentation shows direct interpolation of this parameter into commands like 'bundle exec rspec', 'npx jest', and 'pytest'. Without explicit sanitization of shell metacharacters, an attacker could provide a malicious 'scope' string to execute arbitrary commands on the underlying system.
  • [PROMPT_INJECTION]: The skill automatically detects frameworks by reading filenames and potentially contents of files like 'jest.config.js' or 'pytest.ini'. This represents an indirect prompt injection surface where a malicious repository could influence the agent's behavior during the framework detection phase.
  • Ingestion points: Project configuration files and directories ('jest.config.js', 'pytest.ini', 'conftest.py', 'go.mod', 'spec/', 'test/').
  • Boundary markers: None identified to isolate untrusted data from instructions.
  • Capability inventory: Shell execution via 'bundle', 'ruby', 'npx', 'pytest', and 'go'.
  • Sanitization: No input validation or character escaping is specified for the scope parameter or detected file content.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 24, 2026, 09:57 PM