local-service-testing
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): Employs common development commands such as
docker-compose up,pnpm test, andpsqlto manage local test environments. These actions are standard for the skill's stated purpose and are restricted to local operations.\n- [DATA_EXFILTRATION] (SAFE): Includes connection strings targetinglocalhost. No evidence of accessing sensitive credential files or exfiltrating data to external domains was found.\n- [PROMPT_INJECTION] (SAFE): The skill contains instructional content for developers and does not attempt to subvert the agent's safety protocols or override its core behavior.\n- [EXTERNAL_DOWNLOADS] (SAFE): No remote scripts or external dependencies are downloaded during execution. It references local scripts (session-start.sh,validate-local-testing.sh), which are assumed to be part of the user's local repository.\n- [Indirect Prompt Injection] (LOW):\n - Ingestion points: Reads local file paths using
git diff.\n - Boundary markers: Not present for git output processing.\n
- Capability inventory: The skill uses
BashandReadtools to interact with the local filesystem and services.\n - Sanitization: None; however, the risk is minimal as it only influences the determination of which local integration tests to run.
Audit Metadata