unit-testing
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to read and analyze local source code files (*.service.ts and *.controller.ts) to generate unit tests. This creates a surface for indirect prompt injection if analyzed files contain malicious instructions in comments or string literals.\n
- Ingestion points: Accesses service and controller files within the repository for analysis (SKILL.md).\n
- Boundary markers: No specific boundary markers or instructions to disregard embedded commands in the source code are defined.\n
- Capability inventory: The skill allows creating planning documents and reports as Markdown files and executing shell commands for test runs.\n
- Sanitization: The instructions do not include steps for sanitizing or validating the content of the source files being processed.\n- [COMMAND_EXECUTION]: The skill requires the agent to execute shell commands to perform its core functions, specifically running tests and coverage reports using 'npm run test', 'npx jest', and 'npm run test:cov' (SKILL.md).
Audit Metadata