coverage-guard
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE (findings: PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection via the coverage report file.
  - Ingestion points: scripts/check-coverage.sh reads data from coverage/coverage-summary.json in the local workspace.
  - Boundary markers: Absent. Values from the JSON file are interpolated directly into output strings without delimiters.
  - Capability inventory: The skill registers a PostToolUse hook on Bash commands, allowing it to provide feedback to the agent after testing commands like jest or vitest.
  - Sanitization: None. The script does not validate or escape the contents of the coverage report before echoing it to the console, which allows a malicious report to influence agent behavior.
- [COMMAND_EXECUTION]: The script uses node -e to execute a JavaScript snippet for parsing the JSON coverage file. While the file path is hardcoded, the use of a runtime to execute code for data parsing represents a larger attack surface than static alternatives like specialized JSON parsers.
Audit Metadata