Skills
skills/ravnhq/ai-toolkit/test-case-gen/Gen Agent Trust Hub

test-case-gen

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting and processing untrusted data from external sources.
  • Ingestion points: The skill fetches content from user-provided URLs and parses raw HTML/XML markup as defined in rules/ref-input-sources.md.
  • Boundary markers: There are no explicit instructions or delimiters defined to separate the fetched content from the agent's instructions, nor are there instructions to ignore potentially malicious commands embedded in the external source.
  • Capability inventory: The skill can write files to the local filesystem (rules/ref-output-format.md) and interact with web pages using browser-based MCP tools (rules/ref-input-sources.md).
  • Sanitization: The skill does not implement sanitization or validation of external markup or text before processing it to generate test cases.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 06:26 PM