agent-integration-testing

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is designed to autonomously execute shell commands and HTTP requests to verify test expectations. This involves spawning subagents that follow instructions defined in generated test specification files.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection (Category 8). It ingests untrusted data from the codebase being tested and uses it to define actions. Mandatory Evidence Chain:
  • Ingestion points: Codebase investigation using glob and grep (SKILL.md, Core Process Step 1).
  • Boundary markers: None identified to separate codebase content from agent instructions.
  • Capability inventory: Execution of arbitrary shell commands and HTTP requests via subagents (SKILL.md, Core Process Step 4).
  • Sanitization: No sanitization or validation of the codebase content before it influences test generation is described.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 05:12 AM
Security Audit — agent-trust-hub — agent-integration-testing