automation-testing

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes several Python scripts that use the subprocess module to chain execution between local tools. For instance, scripts/batch_convert_templates.py invokes scripts/convert_formats.py using the current Python interpreter. These operations are limited to the skill's local directory.
  • [COMMAND_EXECUTION]: The README.md suggests using the -ExecutionPolicy Bypass flag for Windows PowerShell installation scripts. This is a common practice for running local automation scripts but involves bypassing default script execution restrictions.
  • [PROMPT_INJECTION]: The skill processes external file formats including Word (.docx), Excel (.xlsx), and XMind, creating a surface for indirect prompt injection. Malicious instructions embedded within these files could be parsed and included in the AI agent's context during execution.
    • Ingestion points: parse_formats.py and convert_formats.py read content from local files provided by the user.
    • Boundary markers: None detected in the instructions passed to the agent when processing external content.
    • Capability inventory: Subprocess execution of local scripts, file system reading and writing.
    • Sanitization: The skill extracts raw text and values from structured data formats without sanitizing potential prompt injection payloads.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 23, 2026, 09:00 AM