testability-scoring
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) by ingesting untrusted data from target websites that is reflected in generated HTML reports without sanitization.\n
- Ingestion points: Target website URLs and DOM metrics are extracted in
testability-scoring.spec.template.jsand via Vibium commands inSKILL.md.\n - Boundary markers: Absent; the skill does not implement delimiters or instructions to ignore embedded instructions in the ingested data.\n
- Capability inventory: Use of
child_process.execinscripts/generate-html-report.jsandtestability-scoring.spec.template.jsfor automation.\n - Sanitization: The HTML report generator in
scripts/generate-html-report.jsdirectly interpolates metadata such as the target URL and principle descriptions into a template, creating a Cross-Site Scripting (XSS) risk if a malicious page is assessed.\n- [COMMAND_EXECUTION]: The skill utilizes shell command execution to automate the assessment and reporting lifecycle.\n - Evidence:
scripts/generate-html-report.jsuseschild_process.execto launch the system's default browser to display the report.\n - Evidence:
resources/templates/testability-scoring.spec.template.jsexecutes the report generation script throughchild_process.execupon completion of tests.\n- [DATA_EXFILTRATION]: Local network exposure of assessment reports.\n - Evidence:
scripts/generate-html-report.jscreates an HTTP server that binds to0.0.0.0. This configuration exposes the report to all devices on the local network, which may lead to unintended information disclosure.
Audit Metadata