test-fixing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill instructions include running local commands like `make test` and `uv run pytest`. This is necessary for its primary purpose of identifying and verifying test fixes and is considered safe within the intended development context.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes potentially untrusted data from test failure outputs and project source code files.
  - Ingestion points: Output from `make test` and file content read during analysis.
  - Boundary markers: Absent; there are no delimiters or instructions to ignore embedded commands within the processed data.
  - Capability inventory: The skill has the ability to execute shell commands and modify local files using an Edit tool.
  - Sanitization: Absent; the skill does not explicitly sanitize or validate test error messages before processing them. This creates a surface where malicious content in a test report could influence agent behavior.
Audit Metadata