Skills
skills/cruldra/skills/agent-testing/Gen Agent Trust Hub

agent-testing

Warn

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill workflow involves executing arbitrary project CLI commands (e.g., uv run python -m smart_sales.xxx.cli) and using networking tools like curl. This allows the agent to execute any executable available in the project environment.
  • [REMOTE_CODE_EXECUTION]: The skill specifically instructs the agent to "write a dedicated running script" (run.py) at runtime when existing tools are unavailable, and subsequently execute it using uv run. This dynamic code generation and execution pattern is a high-risk vector if the generated logic is influenced by untrusted inputs.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it processes external test cases which may contain malicious instructions.
  • Ingestion points: Test data files located in .tests/{test-name}/wave-{N}/input/case-{N}.json.
  • Boundary markers: Absent. The instructions do not specify any delimiters or warnings to ignore instructions embedded within the test cases.
  • Capability inventory: File system write access (creating test directories and reports), subprocess execution (uv run), and network operations (httpx, curl).
  • Sanitization: Absent. There are no requirements to validate or sanitize the JSON input before it is used to invoke agents or processed by the test runner.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 13, 2026, 08:33 AM