shell-testing
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides patterns for generating and running BATS test files and shell-based mock stubs. These operations are intended for use within isolated test environments as defined in the skill's mandatory isolation requirements.
- [EXTERNAL_DOWNLOADS]: The skill references well-known testing frameworks and helper libraries such as BATS-core, bats-assert, and Zunit. These are standard industry tools for the described functionality.
- [PROMPT_INJECTION]: The skill defines a workflow for processing user-supplied shell scripts to generate tests (ingestion point: user-provided shell files). While the skill lacks explicit input sanitization or boundary markers for the ingested code, it mitigates risk by mandating strict test isolation, the use of temporary directories ($BATS_TEST_TMPDIR), and safety guards for any commands that modify system state. Capabilities include file writing and command execution via the BATS CLI.
Audit Metadata