test-runner
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute development commands such as pnpm test, pnpm db:reset, and docker system prune. These operations are consistent with the skill's purpose as a test runner.
- [PROMPT_INJECTION]: The skill processes external data including test failure reports, stack traces, and code changes to provide summaries and suggestions. This presents an indirect prompt injection surface. 1. Ingestion points: Test failure reports, stack traces, and code changes described in SKILL.md. 2. Boundary markers: The instructions do not define specific delimiters to separate untrusted test output from the agent's instructions. 3. Capability inventory: The skill has access to the Bash tool, which allows for command execution. 4. Sanitization: No sanitization of test output or code content is specified.
Audit Metadata