context-driven-testing

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • PROMPT_INJECTION (SAFE): The skill uses instructional tags like <default_to_action> to define agent behavior, but these are used strictly for implementing testing logic and do not attempt to bypass safety filters or override system constraints.
  • DATA_EXFILTRATION (SAFE): No sensitive file paths, hardcoded credentials, or unauthorized network operations were identified. The data mentioned (project goals, constraints) is used within the context of testing strategy development.
  • REMOTE_CODE_EXECUTION (SAFE): The provided code snippets are illustrative TypeScript examples for agent coordination and do not contain functional commands to download or execute external scripts.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill defines a surface where it processes untrusted project metadata (e.g., project names, descriptions) to generate testing strategies. While this creates an ingestion point for potentially malicious data, the risk is inherent to the functional purpose of the skill and the capabilities shown are limited to task orchestration.
  • OBFUSCATION (SAFE): No hidden characters, encoding tricks, or obfuscated commands were found in the skill body or metadata.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:17 PM