testing
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill instructs the agent to run commands such as 'pnpm test' and 'docker', which allow for arbitrary code execution within the host environment as part of the project's testing lifecycle.
- [PROMPT_INJECTION] (HIGH): The skill is susceptible to Indirect Prompt Injection (Category 8). It relies on the agent reading and interpreting untrusted external data (logs and test output) to guide troubleshooting.
  - Ingestion points: Output from 'pnpm test' and 'docker logs'.
  - Boundary markers: None. The skill does not define delimiters for external data or instruct the agent to ignore instructions within logs.
  - Capability inventory: Shell execution via 'pnpm' and 'docker'.
  - Sanitization: None mentioned.
- [EXTERNAL_DOWNLOADS] (LOW): The skill uses 'docker pull' to fetch database images from external registries, introducing external binary content into the environment.
Recommendations
- AI detected serious security threats
Audit Metadata