fuzzing
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): The skill provides instructional content for software testing. All shell commands and code examples are consistent with standard development practices for C/C++ fuzzing.
- Indirect Prompt Injection (SAFE): While the skill involves processing external data (fuzzing corpora), it does so within a controlled testing environment. Mandatory Evidence: 1. Ingestion points: 'corpus/' and 'afl-input/' directories where untrusted data is stored for fuzzer consumption. 2. Boundary markers: Not applicable for binary fuzzing harnesses which process raw bytes. 3. Capability inventory: Local execution of compiled fuzzer binaries and standard build tools (clang, cmake). 4. Sanitization: The user-provided fuzz target is responsible for handling arbitrary byte sequences securely.
Audit Metadata