Skills
skills/naodeng/awesome-qa-skills/api-testing-en/Gen Agent Trust Hub

api-testing-en

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Recommends installing the 'newman' package via npm, which is a well-known and widely used tool for Postman collection execution.
  • [COMMAND_EXECUTION]: Provides instructions for running shell commands and scripts (e.g., './newman-run.sh' and 'newman run') to perform API tests, which are standard for the skill's purpose.
  • [PROMPT_INJECTION]: The skill contains an attack surface for indirect prompt injection through its processing of user-supplied API documentation.
  • Ingestion points: API documentation or architecture files provided as input (per 'prompts/api-testing_EN.md').
  • Boundary markers: Not implemented; there are no specific delimiters used to wrap external content.
  • Capability inventory: Generates executable automation scripts in JavaScript, Java, and Shell.
  • Sanitization: Not implemented; the prompt does not include validation or sanitization of the input data.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 6, 2026, 12:57 AM