eval-generator
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [Trusted Resource Usage]: The skill references official Microsoft documentation (learn.microsoft.com) and the Microsoft Power PnP Guidance Hub on GitHub for its evaluation frameworks and templates, which are established and safe sources.
- [Indirect Prompt Injection Surface]: The skill ingests user-provided agent descriptions or outputs from other tools to generate test cases. While this creates a surface for indirect prompt injection, it is managed through clear structural instructions and is inherent to the skill's purpose as a test generator.
- [Adversarial Testing Capabilities]: The skill is designed to generate adversarial test cases, including prompt injection attempts, specifically to help developers evaluate their agents' robustness. This is a security-enhancing feature rather than a malicious pattern.
- [Data Handling and File Generation]: The skill generates CSV and DOCX files based on processed input. It includes instructions for proper CSV quoting and escaping, which is a positive security practice for maintaining data integrity during export.
- [Encoding Artifacts]: The text contains several encoding artifacts (e.g., '—', '→') likely resulting from character set mismatches during content creation. These do not impact the security or functionality of the skill.
Audit Metadata