fix-flaky-tests

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill instructs the agent to run shell commands like tuist and xcodebuild using parameters (test IDs, module names) provided by the user or extracted from tool outputs. Without explicit sanitization, this poses a minor risk of command injection if the inputs contain shell-sensitive characters.
  • [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection as it ingests and analyzes external content.
      • Ingestion points: It reads local test source files identified in failures[0].path and processes JSON output from the tuist CLI.
      • Boundary markers: Absent; the instructions do not provide delimiters or 'ignore' directives for the content being analyzed.
      • Capability inventory: The agent can execute subprocesses (tuist, xcodebuild) and read local files.
      • Sanitization: Absent; there is no validation or escaping of the ingested file content or CLI outputs before they are processed by the agent's logic.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 05:32 PM