automation-testing-en
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill contains Python scripts (e.g., scripts/batch_convert_templates.py) that use the subprocess module to execute other internal scripts for parsing and converting data formats. This is used for internal workflow management and does not execute untrusted external commands.
- [PROMPT_INJECTION]: The Senior Test Automation Architect prompt (prompts/automation-testing_EN.md) is designed to process user-provided project details. This creates a surface for indirect prompt injection (Category 8) as the prompt lacks delimiters or sanitization for the ingested requirements. (Ingestion: prompts/automation-testing_EN.md; Boundary markers: Absent; Capabilities: Markdown and structured data generation; Sanitization: Absent)
Audit Metadata