test-suite-setup
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill uses the Bash tool for routine project discovery and testing operations.
- [EXTERNAL_DOWNLOADS] (SAFE): The skill suggests installing standard test frameworks from trusted registries.
- [PROMPT_INJECTION] (LOW): This skill has an indirect prompt injection surface (Category 8) as it parses local project files to identify scripts for execution. Evidence: 1. Ingestion points: package.json, pyproject.toml, requirements.txt, go.mod, Cargo.toml, pom.xml, build.gradle. 2. Boundary markers: Absent. 3. Capability inventory: Bash tool used to run scripts found in project files. 4. Sanitization: Absent.
Audit Metadata