mutation-testing
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references the installation of
@stryker-mutator/coreand@stryker-mutator/jest-runnerfrom the official npm registry. These are established and well-known libraries used for software testing automation. - [COMMAND_EXECUTION]: The skill uses standard CLI commands, such as
npx stryker initandnpx stryker run, which are required to perform its primary function of mutation testing. These operations are performed using the legitimate Stryker toolset. - [PROMPT_INJECTION]: Analysis of the skill instructions and metadata revealed no attempts to override agent behavior, bypass safety filters, or extract system instructions. The content is focused on technical QE procedures.
- [DATA_EXFILTRATION]: No hardcoded credentials, sensitive file access patterns (such as accessing SSH keys or environment files), or unauthorized external network requests were found. Network operations are limited to standard package management.
- [INDIRECT_PROMPT_INJECTION]:
- Ingestion points: The skill analyzes source code (e.g.,
src/**/*.ts) and test files to identify mutation points and verify test effectiveness. - Boundary markers: Relies on standard configuration and file globbing to define the analysis scope.
- Capability inventory: Executes the Stryker test runner as a subprocess to process the code.
- Sanitization: The skill relies on the Stryker tool's parser to handle the code input, which is standard practice for this type of analysis.
Audit Metadata