security-testing

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [Indirect Prompt Injection] (SAFE): The skill ingests untrusted data during security scanning. This surface is intrinsic to the skill's primary purpose. Evidence Chain:
      1. Ingestion points: External target data (HTML/API responses).
      2. Boundary markers: Instructs use of parameterized queries.
      3. Capability inventory: Network fetch and test execution.
      4. Sanitization: Guidance on input validation and output encoding included.
  • [Prompt Injection] (SAFE): No instructions targeting agent behavioral overrides or safety bypasses were found.
  • [Data Exposure & Exfiltration] (SAFE): No hardcoded secrets or unauthorized data access detected; test examples use non-sensitive placeholders.
  • [Unverifiable Dependencies & Remote Code Execution] (SAFE): References to standard security tools (e.g., Semgrep, OWASP ZAP) are for legitimate testing workflows and do not involve untrusted remote execution patterns.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:46 PM