sync-testing-skill
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from the codebase.
- Ingestion points: The skill reads source code files from
packages/[PACKAGE]/**/*.spec.{ts,tsx}. - Boundary markers: There are no defined delimiters or instructions to ignore embedded commands within the test files, which could lead the agent to follow malicious instructions hidden in code comments.
- Capability inventory: The skill has file read and write access for documentation purposes. It does not have network access, nor does it use shell execution tools or dynamic code evaluation.
- Sanitization: No sanitization or escaping of the content read from the codebase is performed before it is processed and added to the documentation.
Audit Metadata