kiss-unit-tests

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill's scripts utilize standard system utilities to manage project files and state.
  • Evidence: Execution of git, python3, grep, sed, and mkdir across Bash and PowerShell helper scripts to resolve the repository root and handle documentation.
  • [PROMPT_INJECTION]: The skill identifies and processes documentation files which constitutes an indirect prompt injection attack surface.
  • Ingestion points: Reads design.md, api-contract.md, and acceptance.md (located in the project's docs folder) to determine test requirements.
  • Boundary markers: No specific delimiters or safety instructions are defined to separate the documentation content from the agent's core instructions.
  • Capability inventory: The skill enables the writing of new test files to the source code repository and index files to the documentation tree.
  • Sanitization: Employs template substitution via sed and PowerShell string replacement for initial scaffolding, while the semantic content of the tests is generated based on the ingested docs.
  • [DYNAMIC_EXECUTION]: The common.sh helper script performs dynamic execution using eval to load configuration data from .kiss/context.yml into shell environment variables.
  • The implementation utilizes shell-safe quoting and escaping (using printf %q and a Python-based parser) to limit the risk of code injection from the configuration file.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 03:41 PM
Security Audit — agent-trust-hub — kiss-unit-tests