test-coverage-improver
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [Automated Command Execution]: The skill executes
pnpm test:coveragewithin the repository. This is a standard development operation used to generate coverage data and is performed using the local package manager. - [Data Ingestion Surface]: The skill analyzes coverage artifacts like
coverage-summary.jsonandlcov.info. While these are external data sources to the agent, they are generated by the local test runner. Ingestion points: coverage summary, final, and lcov files. Boundary markers: The skill relies on user approval as a primary safety boundary. Capability inventory: Shell command execution (pnpm) and file writing. Sanitization: Test proposals are reviewed by the user before implementation. - [Least Privilege and User Verification]: The workflow ensures that the agent does not act autonomously when making structural changes. By presenting a numbered, concise list of proposed test additions for user approval, the skill maintains a human-in-the-loop security model.
Audit Metadata