integration-test-writer
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides comprehensive templates for integration testing using well-known frameworks like pytest, FastAPI, SQLAlchemy, Jest, and Supertest. All provided code examples adhere to security best practices, including the use of in-memory or dedicated test databases (sqlite:///./test.db) and clear setup/teardown procedures to ensure test isolation.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it is designed to read, glob, and grep through local source code to identify components for testing. While the instructions do not currently include explicit boundary markers or sanitization for external file content, the intended use case (code analysis) is benign and consistent with standard coding assistant functionality.
- [SAFE]: The skill does not perform any unauthorized network operations or data exfiltration. API calls demonstrated in the examples are performed against local test clients (TestClient, Supertest) and do not target external domains.
- [SAFE]: No obfuscation, persistence mechanisms, or privilege escalation attempts were found. The use of the Bash tool is limited to standard development tasks such as running test suites and searching files.
Audit Metadata