test-flakiness
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection because it ingests and processes untrusted data from CI logs and test reports.
- Ingestion points: Reads content from test result artifacts and logs in .github/, test-results/, and Saved/Logs/ (described in Sections 2 and 3).
- Boundary markers: The instructions do not specify any delimiters or instructions for the agent to ignore potentially malicious content embedded within the log files.
- Capability inventory: The skill utilizes Bash, Grep, Write, and Edit tools to process the findings and update local project files such as tests/regression-suite.md.
- Sanitization: There is no mention of sanitizing or escaping test names or log messages before they are used in subsequent bash commands or as part of the prompt for analysis and cause classification.
Audit Metadata