agent-tester
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill defines 'pre' and 'post' shell hooks to execute environment checks and run test suites using 'npm test'.
- [PROMPT_INJECTION]: The skill has a potential surface for indirect prompt injection by ingesting untrusted data through the '$TASK' variable and user-provided instructions for test generation.
- Ingestion points: The '$TASK' environment variable in the 'pre' hook and user instructions for test design.
- Boundary markers: None present.
- Capability inventory: Shell execution ('npm test') and performance benchmark tools.
- Sanitization: No input validation or sanitization of the '$TASK' content or generated test code is performed before execution.
Audit Metadata