Skills
skills/steipete/clawdis/optimizetests/Gen Agent Trust Hub

optimizetests

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes various project-specific commands using the pnpm package manager, including pnpm test, pnpm check, and pnpm build to verify optimizations.
  • [COMMAND_EXECUTION]: It uses system utilities such as /usr/bin/time and timeout to establish performance benchmarks for targeted test files.
  • [COMMAND_EXECUTION]: The skill interacts with the GitHub CLI (gh) to monitor CI/CD pipelines and executes a repository-local script scripts/committer to record changes.
  • [PROMPT_INJECTION]: There is a surface for indirect prompt injection because the agent is instructed to read documentation and configuration files (docs/help/testing.md, docs/ci.md, AGENTS.md) which could contain malicious instructions if the repository content is untrusted.
  • Ingestion points: Files docs/help/testing.md, docs/ci.md, and AGENTS.md are read during the runbook execution.
  • Boundary markers: None present; the agent processes these files as direct instructions/context.
  • Capability inventory: The agent can execute shell commands via pnpm, gh, and scripts/committer and has file system access within the repository.
  • Sanitization: No explicit sanitization or validation of the content of the read files is performed before the agent follows the instructions therein.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 24, 2026, 04:50 AM