pict-test-designer

Pass

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill documentation and instructions recommend installing the pypict Python library from the official package registry. It also provides instructions for downloading the skill and its components from the author's GitHub repository (omkamal/pypict-claude-skill) and references the official Microsoft PICT repository.
  • [COMMAND_EXECUTION]: The skill utilizes shell commands for its installation process (git clone, wget, pip install) and includes a Python utility script (scripts/pict_helper.py) which the agent is instructed to run to generate, format, and parse PICT models. This is consistent with its primary purpose of test case design.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and analyzes untrusted data in the form of user-provided requirements or source code to identify test parameters and constraints.
  • Ingestion points: User-supplied requirements or code provided in the chat context (described in SKILL.md).
  • Boundary markers: None identified in the skill's instructions for the agent when processing user input.
  • Capability inventory: The agent can execute arbitrary Python code for model generation and has shell access to run helper scripts and local file operations (documented in SKILL.md and scripts/pict_helper.py).
  • Sanitization: No explicit sanitization, validation, or escaping of the user-provided content is mentioned before it is processed by the agent's reasoning or the helper scripts.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 23, 2026, 05:39 PM