testing-patterns
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION)
Full Analysis
- COMMAND_EXECUTION (HIGH): The `scripts/test_runner.py` script executes commands using `subprocess.run` based on findings in the target project's configuration files.
  - Evidence: In `scripts/test_runner.py`, the `run_tests` function executes commands like `npm test`, `npx vitest`, or `pytest`, which are derived from the project environment.
- REMOTE_CODE_EXECUTION (HIGH): The skill effectively executes arbitrary code contained within a target project's test suite or script definitions.
  - Evidence: The `detect_test_framework` function in `scripts/test_runner.py` parses `package.json` and automatically selects execution paths that run project-specific code.
- INDIRECT_PROMPT_INJECTION (HIGH): The skill is highly susceptible to indirect injection because it processes untrusted data (project files) and has the capability to execute side-effect-heavy commands.
  - Ingestion points: `package.json`, `pyproject.toml`, and `requirements.txt` in the target project directory.
  - Boundary markers: None. The script does not use delimiters or warnings to separate trusted instructions from untrusted project content.
  - Capability inventory: Arbitrary command execution via `subprocess.run` for Node.js and Python ecosystems.
  - Sanitization: None. The script trusts the values found in `package.json` scripts and dependency lists.
Recommendations
- AI detected serious security threats
Audit Metadata