generating-tests

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill performs shell operations using variable interpolation (e.g., find api/src -name "*ClassName*.cs"). A malicious class name or module path could result in arbitrary command execution on the host system.
  • [PROMPT_INJECTION] (HIGH): This skill is highly vulnerable to Indirect Prompt Injection (Category 8) because it processes untrusted source code as input for complex logic. Mandatory Evidence Chain:
      1. Ingestion points: C# source files (.cs) and user-provided class names.
      2. Boundary markers: Absent; no delimiters or instructions to ignore embedded commands in comments/code are present.
      3. Capability inventory: File system access, shell execution (find, dotnet build), Python script execution, and writing files.
      4. Sanitization: Absent; the agent is directed to extract logic directly from method signatures and attributes without validation or escaping.
  • [EXTERNAL_DOWNLOADS] (LOW): References xUnit, NSubstitute, and Shouldly. While these are standard .NET testing libraries, the skill does not specify versions or integrity checks for the environment they are used in.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 08:58 PM