kiss-unit-tests
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill's scripts utilize standard system utilities to manage project files and state.
- Evidence: Execution of
git,python3,grep,sed, andmkdiracross Bash and PowerShell helper scripts to resolve the repository root and handle documentation. - [PROMPT_INJECTION]: The skill identifies and processes documentation files which constitutes an indirect prompt injection attack surface.
- Ingestion points: Reads
design.md,api-contract.md, andacceptance.md(located in the project's docs folder) to determine test requirements. - Boundary markers: No specific delimiters or safety instructions are defined to separate the documentation content from the agent's core instructions.
- Capability inventory: The skill enables the writing of new test files to the source code repository and index files to the documentation tree.
- Sanitization: Employs template substitution via
sedand PowerShell string replacement for initial scaffolding, while the semantic content of the tests is generated based on the ingested docs. - [DYNAMIC_EXECUTION]: The
common.shhelper script performs dynamic execution usingevalto load configuration data from.kiss/context.ymlinto shell environment variables. - The implementation utilizes shell-safe quoting and escaping (using
printf %qand a Python-based parser) to limit the risk of code injection from the configuration file.
Audit Metadata