testing-strategy

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE [PROMPT_INJECTION] [COMMAND_EXECUTION]
Full Analysis
  • [PROMPT_INJECTION]: The skill reads external files using Read, Grep, and Glob, which creates a surface for indirect prompt injection. Malicious instructions within a codebase could potentially manipulate the agent during the test design or execution phase.
      • Ingestion points: External files accessed via the Read, Grep, and Glob tools.
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are provided for processed code content.
      • Capability inventory: The agent has access to the Bash tool, which allows for command execution and file writing.
      • Sanitization: There is no evidence of content sanitization or validation before the agent processes the code.
  • [COMMAND_EXECUTION]: The skill enables the Bash tool to facilitate test implementation and execution. This is a powerful capability that, while necessary for the skill's primary purpose, contradicts a 'read-only' note within the skill documentation.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 05:34 PM