Skills
skills/testomatio/skills/sync-cases/Gen Agent Trust Hub

sync-cases

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses npm install and npx check-tests to handle the installation and execution of the synchronization utility. These operations are aligned with the skill's primary purpose and involve the vendor's own tooling.
  • [EXTERNAL_DOWNLOADS]: Fetches the check-tests package from the public npm registry. This is documented as the standard setup procedure for the Testomat.io integration.
  • [PROMPT_INJECTION]: The skill reads test case data from external sources, presenting an indirect prompt injection surface.
  • Ingestion points: Test scenarios retrieved from Testomat.io and local Markdown files.
  • Boundary markers: None specified in the instructions.
  • Capability inventory: Shell command execution (npm/npx) and file system writes.
  • Sanitization: The content is processed as-is without specific validation of embedded instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 22, 2026, 11:19 PM