pest-testing
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWCOMMAND_EXECUTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill explicitly instructs the agent to execute shell commands using the Laravel Artisan CLI. Evidence:
php artisan test --compact --filter=testNameandphp artisan make:test --pest {name}. If the agent populates these placeholders with unsanitized user input, it could lead to arbitrary command execution. - INDIRECT_PROMPT_INJECTION (LOW): The skill has an attack surface where untrusted data (test names or logic) enters the agent's context. Evidence: Ingestion points in the
Basic Usagesection ofSKILL.md. Lack of explicit boundary markers or sanitization instructions for the{name}placeholder increases the risk that a malicious user could escape the command string.
Audit Metadata