test
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill detects and runs test commands like `npx jest`, `pytest`, or `cargo test`. It also executes custom commands from `CLAUDE.md` or `package.json` scripts, which could be manipulated by a malicious repository to execute unintended shell commands.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from the repository files.
  1. Ingestion points: `package.json`, `CLAUDE.md`, and project source/test files.
  2. Boundary markers: Absent; the skill does not use delimiters or instructions to ignore potential commands embedded within the data it reads.
  3. Capability inventory: The skill can execute shell commands via detected test frameworks and perform file write operations to fix code.
  4. Sanitization: None; the skill directly adopts commands and logic found in configuration files without validation.
Audit Metadata