fix-tests
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data with high-privilege tools.
- Ingestion points: The skill is designed to read and parse entire test logs, including 'Test Results' summaries and 'Failed Test Details' (SKILL.md).
- Boundary markers: There are no explicit boundary markers or instructions to treat the ingested test logs as untrusted content.
- Capability inventory: The skill is granted access to the
BashandEdittools, allowing it to execute arbitrary shell commands and modify any file in the repository. - Sanitization: No sanitization or validation of the test log content is mentioned before it is parsed and acted upon by the agent.
Audit Metadata