skills/wayfind/origin-task/skill-test/Gen Agent Trust Hub

skill-test

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill identifies and executes local Python and Node.js scripts to perform validation checks (e.g., 'python script.py --help'). This is a form of dynamic execution. Since this is the primary function of a test runner, the severity is categorized as LOW despite the inherent risks of executing local code.
  • [PROMPT_INJECTION] (LOW): This skill is susceptible to Indirect Prompt Injection (Category 8) because it processes untrusted data from third-party skill files.
    • Ingestion points: The runner reads SKILL.md, plugin.json, and source code files from the project being tested.
    • Boundary markers: No specific delimiters or safety warnings for the agent are mentioned to distinguish between the runner's instructions and the content of the skills being tested.
    • Capability inventory: The tool has the capability to execute shell commands via Python and Node.js subprocesses.
    • Sanitization: The documentation does not describe any sanitization or validation of the scripts or arguments before execution beyond basic syntax checks.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:43 PM