test-case-writing-en
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it is designed to process and transform untrusted data from external files into test cases. 1. Ingestion points: Data enters the system through
scripts/convert_formats.pyandscripts/parse_formats.py, which parse DOCX, XLSX, JSON, CSV, Markdown, and XMind files. 2. Boundary markers: None; the parsing scripts do not wrap extracted content in specific delimiters or include instructions for the LLM to ignore embedded commands. 3. Capability inventory: The skill includes the ability to read and write local files and execute its own internal scripts usingsubprocess.call(e.g., inscripts/batch_convert_templates.py). 4. Sanitization: The skill utilizes standard library parsers such asjson,csv, andxml.etree.ElementTreefor structured data extraction but does not sanitize the resulting text content for potential malicious instructions. - [DYNAMIC_EXECUTION]: The skill uses
subprocess.callto orchestrate its internal conversion and parsing logic. These operations are limited to resolved static paths of local scripts and do not utilize shell-based execution, which is considered a low-risk pattern for local utility orchestration. - [SAFE]: No evidence of hardcoded credentials, network exfiltration, remote code execution from untrusted sources, or persistence mechanisms was found within the skill's code or documentation.
Audit Metadata