testing
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses Bash tools to execute test commands like 'pnpm run test' and 'pnpm vitest run ', which run agent-generated code based on project files.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection.
- Ingestion points: The skill reads source code and project configurations (e.g., package.json, vite.config.ts) to understand context.
- Boundary markers: Instructions do not specify the use of delimiters or 'ignore instructions' warnings when processing ingested code.
- Capability inventory: The skill can write/edit files and execute shell commands (Bash).
- Sanitization: No logic is implemented to sanitize or validate content extracted from source files before incorporating it into executable test scripts.
Audit Metadata