test-plan-generation
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from repository files to generate documentation, which creates a surface for indirect prompt injection.
- Ingestion points: The skill scans the project tree and reads files such as
README.md,package.json, and various configuration or documentation files (Step 1 and Step 2 inSKILL.md). - Boundary markers: There are no instructions to use delimiters or 'ignore' directives when reading content from these potentially untrusted files.
- Capability inventory: The skill has the capability to read project files (via globbing and direct file reading) and write the resulting documentation to the
docs/directory. - Sanitization: The skill lacks explicit sanitization or validation logic for the content it extracts from the scanned files before using that content to inform its output.
Audit Metadata