skill-tester
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): Operation 2 (Example Validation) directs the agent to 'Execute each example' found in target documentation. Since the skill has access to the Bash tool, this allows for the execution of arbitrary commands if the agent is directed to test a malicious skill.
- [PROMPT_INJECTION] (LOW): The skill provides a surface for indirect prompt injection. 1. Ingestion points: The skill reads external SKILL.md files. 2. Boundary markers: Absent; there are no instructions to treat extracted examples as untrusted. 3. Capability inventory: Uses the Bash tool to execute extracted text. 4. Sanitization: Absent; no validation or filtering of commands is performed before execution.
Audit Metadata