testing
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): The skill contains no instructions designed to override AI safety constraints or hijack the system prompt. Instructions are focused on technical documentation.
- [Data Exposure & Exfiltration] (SAFE): No credentials or sensitive file paths are present. The validation script and patterns do not perform network requests.
- [Obfuscation] (SAFE): All content is presented in clear, human-readable text without encoded or hidden payloads.
- [Unverifiable Dependencies] (SAFE): All referenced packages (Vitest, Jest, React Testing Library) are industry-standard tools.
- [Indirect Prompt Injection] (LOW): The skill is a reference tool (skill_type: reference). While it processes a user-defined 'topic', it lacks dangerous capabilities like shell execution or network writing that could be leveraged by an attacker through untrusted input.
- [Dynamic Execution] (SAFE): The Python validation script uses
yaml.safe_load()correctly to prevent unsafe deserialization of the configuration file.
Audit Metadata