openharmony-testing-apis
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill identifies a surface for indirect prompt injection via external test parameters. Evidence Chain: 1. Ingestion points:
ability-delegator-registry.mdviagetArguments(). 2. Boundary markers: Absent; no instructions provided to ignore embedded commands. 3. Capability inventory:executeShellCommandandinputText. 4. Sanitization: Absent. - [COMMAND_EXECUTION] (SAFE): The skill documents the
executeShellCommandAPI. While this is a standard system capability for testing, it represents a sensitive function that could be abused if the agent is influenced by malicious input.
Audit Metadata