Skills
skills/rube-de/cc-skills/test/Gen Agent Trust Hub

test

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands to detect environment configurations and run test suites using tools such as vitest, jest, pytest, cargo, and go. It also uses the GitHub CLI (gh) to create issues.
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8) because it ingests untrusted data from test outputs and git metadata without explicit sanitization or boundary markers.
  • Ingestion points: Test results and error messages captured from stdout/stderr, and file names/metadata from git diff/log.
  • Boundary markers: None identified; data is interpolated directly into the report body.
  • Capability inventory: Shell execution (gh issue create) and file system write access (/tmp/).
  • Sanitization: None; the skill assumes the data processed from the local environment and test runners is safe for inclusion in the issue body.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 20, 2026, 05:28 AM