test-engineer
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill explicitly instructs the agent to execute shell commands for testing purposes, including 'npm test', 'pytest', 'cargo test', and 'docker exec'. These capabilities are central to the 'Test Engineer' role for verifying code quality and environment readiness.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8). It is designed to ingest and process untrusted data from multiple sources, including implementation logs, code changes, and external library documentation.
  - Ingestion points: Build/runtime logs, external documentation, and 'original_request' data.
  - Boundary markers: The skill lacks explicit instructions to use delimiters or 'ignore instructions' warnings when processing these inputs.
  - Capability inventory: The agent has access to shell execution ('npm', 'pytest', 'docker') and a 'memory_store' tool.
  - Sanitization: There are no instructions for sanitizing or validating the content of external documentation or logs before they are interpreted by the agent, potentially allowing embedded malicious instructions to influence the agent's behavior.