test-fixing
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill explicitly instructs the agent to execute shell commands such as
make testanduv run pytest. These commands run code and scripts located within the local repository environment. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it analyzes untrusted data to determine its next steps.
- Ingestion points: The agent reads and analyzes output from
make test,git diff, and source code files to group errors and implement fixes (SKILL.md). - Boundary markers: Absent; the instructions do not include delimiters or specific directives to ignore instructions that might be embedded within test failures or code comments.
- Capability inventory: The skill utilizes capabilities to execute shell commands (
make,pytest) and modify the filesystem using anEdit tool(SKILL.md). - Sanitization: Absent; there is no validation or filtering of the test output or code content before the agent interprets it for the purpose of 'smart grouping' or 'identifying root causes'.
Audit Metadata