test-reporting-en
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes several Python scripts located in the `scripts/` directory that utilize the `subprocess` module to execute other scripts within the same package. For instance, `batch_convert_templates.py` and various wrapper scripts (e.g., `convert_to_csv.py`) invoke `convert_formats.py` via `subprocess.call`. This is used to automate format transformations across different file types like JSON, CSV, and Markdown.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it is designed to ingest and process external, potentially untrusted test execution data and defect information to generate reports.
  - Ingestion points: Untrusted data enters the agent context through user-provided test execution data and project backgrounds as described in `SKILL.md` and the prompt templates.
  - Boundary markers: The prompts in `prompts/test-reporting_EN.md` use Markdown structure and horizontal rules to separate sections, but they do not contain explicit instructions for the AI to ignore instructions potentially embedded within the data files.
  - Capability inventory: The skill's Python scripts have the ability to read and write files using `pathlib` and execute local Python processes via `subprocess.call`.
  - Sanitization: While the scripts use standard library parsers (`json`, `csv`, `xml.etree`), they do not implement security-specific sanitization to filter out malicious natural language instructions before they are processed by the LLM.
- [SAFE]: No network operations, data exfiltration attempts, hardcoded credentials, or obfuscation techniques were identified in the provided file set.
Audit Metadata