quality-auto-test
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface through its ingestion of repository metadata and documentation. \n
- Ingestion points: File contents from requirement documents (REQ-*.md) and source code are used to formulate test scenarios during the S_SOURCE and S_INFRA phases. \n
- Boundary markers: Project data is interpolated into sub-agent instructions without the use of dedicated delimiters (e.g., XML tags). \n
- Capability inventory: The orchestrator is authorized to use shell execution (Bash), file modification (Write/Edit), and agent spawning (spawn_agents_on_csv). \n
- Sanitization: The skill relies on natural language constraints within the system instructions to prevent sub-agents from modifying the primary source code or executing recursive calls.
Audit Metadata