unit-test-generating-test-suite
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it ingests and processes untrusted external data (source code, requirements, OpenAPI specs) to drive the test generation process. 1. Ingestion points:
SKILL.mdStep 1 identifies external code and specifications as primary inputs. 2. Boundary markers: No explicit markers or safety instructions for handling untrusted content are present in this orchestration skill. 3. Capability inventory: The skill coordinates the creation of executable test files and review reports. 4. Sanitization: Input content is processed directly without documented sanitization or filtering at this stage. - [DATA_EXFILTRATION]: No sensitive data exposure or exfiltration patterns were identified. All operations are confined to the local environment and specified agent workflow.
- [REMOTE_CODE_EXECUTION]: There are no instances of remote code downloading or execution patterns.
- [COMMAND_EXECUTION]: No high-risk system commands or privilege escalation attempts were found.
Audit Metadata