tests
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill is vulnerable to instructional takeover via processed test data.
  - Ingestion points: Untrusted data enters the context through testany_get_execution and testany_get_execution_case calls as described in the workflow (SKILL.md).
  - Boundary markers: Absent. There are no instructions to the agent to treat test names, logs, or error messages as data rather than instructions.
  - Capability inventory: The agent can trigger external pipeline executions (testany_execute_pipeline) and provide recommendations based on test failures (SKILL.md).
  - Sanitization: None specified. Maliciously crafted test case names or failure logs could contain instructions that redirect the agent's workflow.
- Command Execution (SAFE): The skill uses predefined tool calls for interaction and does not appear to spawn arbitrary shell processes.
- External Downloads (SAFE): No remote scripts or unverified package installations are referenced.
Recommendations
- AI detected serious security threats