generate-tests
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions to bypass safety filters or ignore previous instructions were found.
- Command Execution (SAFE): The Bash tool is utilized for running tests, which is a core function of the skill's stated purpose.
- Indirect Prompt Injection (SAFE): The skill ingests untrusted data from the local workspace via Read, Grep, and Glob. While this provides a surface for indirect prompt injection from codebase comments, it is a necessary part of the functional requirements. 1. Ingestion points: Read, Grep, Glob (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: Bash, Write, Edit, Read. 4. Sanitization: Absent.
- Dynamic Execution (SAFE): The skill generates and executes test scripts. This is categorized as safe given it follows standard testing templates and is the primary intended use-case.
Audit Metadata