outside-in-testing

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill orchestrates the execution of external applications (CLI, TUI, Web, Electron) to verify their behavior. This involves spawning subprocesses and simulating user interactions like keystrokes and clicks.
  • [EXTERNAL_DOWNLOADS]: The scripts/check-freshness.py script performs a network request to the GitHub API (api.github.com) to compare the local framework version with the latest release.
  • [EXTERNAL_DOWNLOADS]: Installation instructions recommend fetching the framework from the vendor's GitHub repository or via the npm registry.
  • [PROMPT_INJECTION]: The skill processes structured test scenarios (YAML) that define agent actions, representing an indirect prompt injection surface.
      • Ingestion points: Scenario YAML files in the examples/ directory.
      • Boundary markers: Structured YAML schema for test definitions.
      • Capability inventory: Capabilities include process launching, input simulation, and shell command execution across agents.
      • Sanitization: The framework employs AI-based 'Comprehension Agents' to validate application output against expected results.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 14, 2026, 03:25 PM