Skills
skills/tai-ch0802/skills-bundle/testing-patterns/Gen Agent Trust Hub

testing-patterns

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/test_runner.py utility uses the subprocess module to execute test commands. It identifies the appropriate command (e.g., npm test, pytest) based on the presence of project-specific files like package.json or pyproject.toml. This behavior is expected for a test runner and is consistent with the Bash tool permission.- [PROMPT_INJECTION]: The script reads project configuration files to determine execution logic, which presents an indirect prompt injection surface.
  • Ingestion points: The script ingests data from package.json, pyproject.toml, and requirements.txt within the target project directory.
  • Boundary markers: No specific delimiters or safety instructions are used to separate configuration data from execution templates.
  • Capability inventory: The script can execute arbitrary shell commands and read local project files.
  • Sanitization: No sanitization is performed on the command strings or script names extracted from project files, though the script targets standard framework names by default.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 01:28 PM