Skills
skills/senweaver/senweaver-ide/test-master/Gen Agent Trust Hub

test-master

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill leverages the run_command tool to execute various test runners and performance benchmarks, including npx jest, npx vitest, pytest, go test, k6, and Artillery. This is the primary intended functionality of the skill and uses well-known developer tools.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it ingests untrusted code data and has capabilities to execute commands or modify files based on that context.
  • Ingestion points: Uses read_file to load source code into the agent's context for analysis and testing.
  • Boundary markers: No specific delimiters or 'ignore embedded instructions' warnings are provided to prevent the agent from obeying instructions found within the code comments or content.
  • Capability inventory: The skill possesses extensive local capabilities including run_command, create_file_or_folder, rewrite_file, edit_file, and browser_action (for E2E testing).
  • Sanitization: No sanitization, validation, or filtering of the read content is implemented before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 3, 2026, 08:49 AM