test
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted content from test outputs and source code during the 'Execute Tests' and 'Fix it' stages in SKILL.md. Without boundary markers or sanitization, malicious content in these sources could override agent instructions.
- [COMMAND_EXECUTION]: The use of $ARGUMENTS to specify test targets in SKILL.md creates a risk of command injection. If the user-supplied input is not sanitized before being incorporated into shell commands for test runners, it could lead to arbitrary code execution.
- [EXTERNAL_DOWNLOADS]: The skill references 'npx playwright install' in SKILL.md, which downloads external binaries and browser drivers at runtime, creating a dependency on external infrastructure.