jest-generator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill reads and processes external source code, which serves as an untrusted data ingestion surface for the agent. * Ingestion points: Source files are read using the Read, Grep, and Glob tools. * Boundary markers: The skill does not provide instructions to the agent on how to distinguish between source code content and potentially malicious embedded instructions. * Capability inventory: The skill has access to Bash, Write, and Edit tools, which could be exploited if an injection is successful. * Sanitization: No sanitization or validation of the input source code is performed before processing.
- [Command Execution] (SAFE): The skill correctly uses the Bash tool for running standard unit testing commands such as 'bun test' and 'npm test'. These uses are well-defined and align with the skill's purpose.
- [Data Exposure & Exfiltration] (SAFE): No credentials, secrets, or sensitive file paths are accessed. The skill's operations are confined to reading source files and writing test files within the local workspace.
- [Remote Code Execution] (SAFE): There are no remote downloads or executions of unverified scripts. The skill relies on standard, locally installed development runtimes.
Audit Metadata