security-test-planning
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a documentation and planning resource for security testing strategies, adhering to established industry standards like the OWASP Web Security Testing Guide (WSTG).
- [SAFE]: Code examples in 'references/dotnet-security-tests.md' include common security testing payloads for SQL injection and Cross-Site Scripting (XSS). These are provided as static string literals within test templates for educational and testing purposes and do not pose an execution risk to the agent or the environment.
- [SAFE]: The 'references/sast-dast-integration.md' file references official and well-known GitHub Actions for security scanning, such as Gitleaks, SonarSource, and Aqua Security's Trivy. These are standard industry tools and are treated as safe external references.
- [SAFE]: No evidence of hardcoded credentials, malicious persistence mechanisms, or unauthorized data exfiltration was found across the provided files.
Audit Metadata