testing-expert
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
- Indirect Prompt Injection (HIGH): The skill defines an attack surface where malicious instructions embedded in a project's documentation or code could hijack the agent's behavior during test generation or review.
- Ingestion points: SKILL.md directs the agent to "Scan documentation" (specifically .agents/SYSTEM/ARCHITECTURE.md) and "Review existing test files, utilities, mocking patterns" to discover project context.
- Boundary markers: Absent. The instructions provide no delimiters or guidance to help the agent distinguish between legitimate project data and potential adversarial instructions hidden within those files.
- Capability inventory: The skill is designed to perform "Writing unit tests", "Creating integration tests", and "Reviewing test coverage", implying the agent has the capability to modify the codebase or execute commands based on the untrusted data it ingests.
- Sanitization: Absent. There is no requirement or method provided to sanitize or validate the external content before it is processed by the agent.
Recommendations
- AI detected serious security threats
Audit Metadata