go-fuzz-testing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill analyzes user-provided Go source code to generate test cases, which is a standard surface for indirect prompt injection.
- Ingestion points: Go source files located in
pkg/**/*_test.goandinternal/**/*_test.go. - Boundary markers: Absent; the skill relies on standard Go code structure.
- Capability inventory: Suggests local shell command execution (
make) and generates Go source code. - Sanitization: No explicit sanitization of input strings from source code is mentioned before template interpolation.
- [COMMAND_EXECUTION] (SAFE): The skill references the command
make go-test-fuzz. This is a standard local development practice for Go projects using a Makefile and does not involve downloading or executing untrusted remote scripts.
Audit Metadata