antithesis-workload

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection because it processes local data to inform its decision-making and code generation.
  • Ingestion points: Source code from the System Under Test (SUT) and evidence files in antithesis/scratchbook/properties/.
  • Boundary markers: There are no explicit delimiters or instructions to isolate the ingested data from the agent's logic.
  • Capability inventory: The skill generates SDK assertions, creates executable test scripts in antithesis/test/, and modifies the local property catalog.
  • Sanitization: The skill does not implement sanitization or validation of the ingested code or evidence content before using it in its output.
  • [EXTERNAL_DOWNLOADS]: The skill references the snouty utility and provides its installation documentation from the vendor's official GitHub repository.
  • [COMMAND_EXECUTION]: The skill instructs the agent to run snouty validate to confirm the testing configuration and the validity of test templates.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 10:12 PM
Security Audit — agent-trust-hub — antithesis-workload