recipe-add-integration-tests
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses Bash commands for routine development tasks such as file discovery (
ls,grep), path validation (test), and version control operations (git commit). These operations are consistent with the skill's stated purpose of managing a test-addition workflow. - [INDIRECT_PROMPT_INJECTION]: The skill establishes a workflow that ingests content from design documents and UI specifications to serve as context for subagents. While this is a standard operational surface for an orchestrator, it is documented here as an inherent architectural property.
- Ingestion points: Document paths provided via
$ARGUMENTSand existing markdown files indocs/design/anddocs/ui-spec/. - Boundary markers: Absent; the skill interpolates discovered paths directly into prompts for subagents like
acceptance-test-generatorwithout explicit delimiters. - Capability inventory: Includes file system access via Bash, file creation (task files), and source code modification through Git commits.
- Sanitization: The skill does not perform validation or filtering on the content of the documents before they are processed by subagents.
Audit Metadata