cover
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill generates test scripts using LLM agents and subsequently executes them on the host system to verify coverage and functionality.
- [COMMAND_EXECUTION]: The skill uses the CronCreate tool to establish persistence for a 'Coverage Drift Monitor' and executes a local framework detection script via a PreToolUse hook.
- [DATA_EXFILTRATION]: The workflow requires reading local source code and configuration files to identify testing gaps, which establishes a surface for accessing sensitive project data.
- [PROMPT_INJECTION]: The skill ingests untrusted local source code for analysis by LLM agents, creating a potential surface for indirect prompt injection attacks.
Audit Metadata