test-gen
Fail
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: HIGH (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION)
Full Analysis
- EXTERNAL_DOWNLOADS / REMOTE_CODE_EXECUTION (HIGH): The skill instructs the agent to run npx ai-test-gen. This command downloads and executes code from the npm registry. Because the package author (lxgicstudios) is not a trusted source, this represents a high-risk remote code execution vector.
- DATA_EXFILTRATION (MEDIUM): The tool's primary function is to read source code files (e.g., ./src/auth.ts). A malicious version of the executed package could exfiltrate the contents of these files or other sensitive local data to an external server.
- INDIRECT_PROMPT_INJECTION (LOW): The skill has a data ingestion surface (Category 8). It processes local source files which could contain malicious instructions designed to influence the AI's output.
- Ingestion points: Source files passed as arguments to the command (e.g., src/utils.ts).
- Boundary markers: None specified in the prompt instructions.
- Capability inventory: Execution of shell commands via npx and file system access.
- Sanitization: None detected in the skill instructions.
Recommendations
- AI detected serious security threats
Audit Metadata