test-generation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Prompt Injection (LOW): The skill exhibits a surface for indirect prompt injection. It analyzes external source code provided by the user, which may contain malicious instructions designed to manipulate the subagent's behavior during test generation.
- Ingestion points: Source code paths provided in the
/test:generate-testscommand are ingested and analyzed as seen inreferences/generate-tests.md. - Boundary markers: No boundary markers (e.g., delimiters) or "ignore embedded instructions" warnings are defined in the delegation prompts to subagents.
- Capability inventory: The subagents (
test-automatorandquality-engineer) possessRead,Grep,Glob, andWritecapabilities to interact with the file system. - Sanitization: No sanitization or validation of the ingested code content is specified.
- No Code (SAFE): This skill does not distribute any executable scripts or binary files, reducing the risk of direct local command execution or persistence.
Audit Metadata