backend-testing

Pass

Audited by Gen Agent Trust Hub on Jun 27, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill creates an attack surface for indirect prompt injection by processing untrusted user-provided text describing backend systems and code changes.\n
  • Ingestion points: The agent accepts user input as described in the SKILL.md instructions to classify requests and design test plans.\n
  • Boundary markers: The instructions do not define specific delimiters or instructions for the agent to ignore potentially malicious commands embedded in the user-provided context.\n
  • Capability inventory: The skill is configured with powerful system tools including Bash, Read, Write, Edit, Glob, and Grep in the allowed-tools frontmatter, which could be leveraged if an injection is successful.\n
  • Sanitization: No sanitization, validation, or escaping steps are prescribed for the data ingested from the user's request.\n- [SAFE]: The skill provides references to well-known industry standard resources for backend testing.\n
  • Evidence: References to Martin Fowler's blog, Pytest documentation, Testcontainers, and Pact documentation are included in SKILL.md as authoritative context for the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 27, 2026, 04:58 AM
Security Audit — agent-trust-hub — backend-testing