live-testing
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses several command-line tools (`git`, `cargo`, and the GitHub CLI `gh`) to automate testing and issue management. These operations are core to the protocol.
- [EXTERNAL_DOWNLOADS]: Fetches updates from the project's remote repository on GitHub via `git pull`. This is routine for developer-centric tools that need to stay in sync with the codebase.
- [REMOTE_CODE_EXECUTION]: Executes the project's binary with `cargo run`. This runs local code that may derive from external sources (whatever `git pull` just fetched), but it is the intended and necessary behaviour for live testing.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes data from potentially untrusted sources such as application logs and project files.
- Ingestion points: project configuration (`Cargo.toml`), source code, application logs, and GitHub issue metadata.
- Boundary markers: absent; the instructions specify no delimiters or warnings that mark external data as untrusted.
- Capability inventory: command execution (`git`, `cargo`, `gh`) and spawning subagents (`rust-agents:sdd`).
- Sanitization: absent; the protocol mentions no validation or escaping of external content before it is processed.
Audit Metadata