create-tests
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface where the agent processes content from a user-provided file to generate and run code.
- Ingestion points: The skill ingests untrusted data from
issue-analysis-<issue_number>.md(Step 1). - Boundary markers: Absent. There are no delimiters or explicit instructions provided to the agent to differentiate between the analysis content and its own instructions.
- Capability inventory: The skill instructs the agent to 'Run & Verify the Tests' (Step 4), which involves executing code generated from the external data.
- Sanitization: Absent. No validation or sanitization of the input file's content is described.
- [NO_CODE]: This skill is composed entirely of natural language instructions in a Markdown file and does not include any executable scripts or binaries.
Audit Metadata