Testing & Validation

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill executes a local shell script at './.agent/skills/testing/scripts/validate.sh'. This constitutes direct command execution within the agent context.
  • [REMOTE_CODE_EXECUTION] (HIGH): The instructions to run 'cargo test' and 'cargo build' allow for indirect remote code execution. In Rust projects, 'build.rs' files and procedural macros can execute arbitrary code on the host machine during the build and test phases.
  • [PROMPT_INJECTION] (HIGH): This skill is vulnerable to Indirect Prompt Injection. It ingests untrusted data from tool outputs (clippy and cargo test results) and lacks boundary markers or sanitization. Since the agent is instructed to act on these outputs and has shell/file access capabilities, malicious instructions hidden in the code being tested could be parsed and executed by the agent.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 09:00 PM