testing-unit
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to process and execute code units, which creates an indirect prompt injection surface.
- Ingestion points: Individual functions, methods, classes, and test files identified in the workspace (SKILL.md).
- Boundary markers: Absent; no specific delimiters or instructions are provided to distinguish between code and agent-directed instructions.
- Capability inventory: Shell command execution using various testing frameworks (npm, pytest, go, cargo, dotnet) and local script execution (scripts/example.sh).
- Sanitization: Absent; the skill does not specify isolation or input validation for the execution of test suites.
- [COMMAND_EXECUTION]: The skill documentation and accompanying scripts facilitate the execution of arbitrary system commands and test frameworks to perform its functions.
Audit Metadata