loom-testing
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No override instructions, safety bypasses, or system prompt extraction attempts were found. The instructional tone is standard for a technical guide.
- [DATA_EXFILTRATION]: No access to sensitive environment variables or system paths was detected. Code examples use clearly marked placeholders like 'test_key' for API keys, which is standard testing practice.
- [REMOTE_CODE_EXECUTION]: The skill references only legitimate, well-known testing frameworks (e.g., pytest, jest, vitest, mocha). There is no evidence of downloading or executing scripts from untrusted remote sources.
- [COMMAND_EXECUTION]: Bash usage is scoped to standard development and testing workflows such as executing test runners or infrastructure validation tools.
- [DATA_EXPOSURE]: While the skill describes processing external data (e.g., CSV fixtures, Terraform plans), it emphasizes validation and correctness without introducing insecure handling patterns.
Audit Metadata