backend-testing
Pass
Audited by Gen Agent Trust Hub on Jun 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill creates an attack surface for indirect prompt injection by processing untrusted user-provided text describing backend systems and code changes.\n
- Ingestion points: The agent accepts user input as described in the
SKILL.mdinstructions to classify requests and design test plans.\n - Boundary markers: The instructions do not define specific delimiters or instructions for the agent to ignore potentially malicious commands embedded in the user-provided context.\n
- Capability inventory: The skill is configured with powerful system tools including
Bash,Read,Write,Edit,Glob, andGrepin theallowed-toolsfrontmatter, which could be leveraged if an injection is successful.\n - Sanitization: No sanitization, validation, or escaping steps are prescribed for the data ingested from the user's request.\n- [SAFE]: The skill provides references to well-known industry standard resources for backend testing.\n
- Evidence: References to Martin Fowler's blog, Pytest documentation, Testcontainers, and Pact documentation are included in
SKILL.mdas authoritative context for the agent.
Audit Metadata